[cisco-voip] CUCM DNS/CTL configuration - follow-up
Ed Leatherman
ealeatherman at gmail.com
Thu May 28 10:37:48 EDT 2015
It's not a tomcat-trust cert though, the docs (and expressway) say it needs
to go in the callmanager-trust
On Thu, May 28, 2015 at 10:25 AM, Charles Goldsmith <wokka at justfamily.org>
wrote:
> Just restart Tomcat
>
> On Thu, May 28, 2015 at 8:21 AM, Ed Leatherman <ealeatherman at gmail.com>
> wrote:
>
>> Good morning!
>>
>> Cert related question - think I know the answer but I dont see it
>> explicitly stated so figured I'd ask.
>>
>> I need to add the CA cert for my expressway-C to call manager as a
>> callmanager-trust cert - do I need to reboot the call manager service for
>> this to take effect? No forced phone reboots since this is just a trust
>> cert, correct? I think the answer is no and no phone reboots.
>>
>> Thanks!
>>
>> Ed
>>
>>
>>
>>
>> On Mon, May 18, 2015 at 10:46 AM, Brian Meade <bmeade90 at vt.edu> wrote:
>>
>>> Ed,
>>>
>>> All phones re-registering is expected behavior for when any CallManager,
>>> CAPF, or TVS certificate on any node in the cluster is regenerated. This
>>> is to allow phones to download an updated ITL before another certificate
>>> change is made. This is also the same reason all phones re-register when
>>> adding a new node to a cluster.
>>>
>>> Tomcat-trusts usually automatically get updated via the Certificate
>>> Change Notification process. There has been a few times I've seen
>>> conflicts that caused this not to work right though.
>>>
>>> Brian
>>>
>>> On Sun, May 17, 2015 at 10:06 AM, Ed Leatherman <ealeatherman at gmail.com>
>>> wrote:
>>>
>>>> Good morning,
>>>>
>>>> This morning I enabled DNS servers, domain name on our CUCM Cluster,
>>>> which involved regenerating all the certs on the cluster. Note I have
>>>> cluster mixed mode. Everything appears to have gone smoothly, but I had 2
>>>> odd things happen that I did not expect.. tossing them out here in case it
>>>> helps someone else, or if someone has commentary on "why" :)
>>>>
>>>> Reference: CUCM v9.1, mixed mode, never had dns servers or domain set
>>>> before.
>>>>
>>>> - After setting primary, secondary DNS and domain name, and the
>>>> subsequent reboot on each node ALL my phones on the cluster restarted or at
>>>> least re-registered each time, even for phones that do not use that node as
>>>> a CM. Is this CM process restarting everywhere each time or ? I didnt think
>>>> to check runtime on the CM process while I was working.
>>>>
>>>> - I expected to have to import tomcat certificates back and forth to
>>>> the publisher at each node once the certs were regenerated, as this was
>>>> necessary in the past. Apparently now they automagically download them from
>>>> each other? I went in to do it and the tomcat-trust was already there with
>>>> the new domain name.
>>>>
>>>> Cheers!
>>>>
>>>> Ed
>>>>
>>>> --
>>>> Ed Leatherman
>>>>
>>>> _______________________________________________
>>>> cisco-voip mailing list
>>>> cisco-voip at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>>>
>>>>
>>>
>>
>>
>> --
>> Ed Leatherman
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>
--
Ed Leatherman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150528/76823184/attachment.html>
More information about the cisco-voip
mailing list