[cisco-voip] CUCM / Unity 10.5 and Tomcat SAN SSL

Anthony Holloway avholloway+cisco-voip at gmail.com
Fri Sep 11 15:54:36 EDT 2015


It was actually your session at Cisco Live this year Ryan, where I learned
about MS certs and the suffix.  ;)  I pulled the slide deck up for
reference a weeks ago when I was working with COMODO CA.

On Fri, Sep 11, 2015 at 2:30 PM Ryan Ratliff (rratliff) <rratliff at cisco.com>
wrote:

> I just generated a Tomcat MS CSR without the -ms with no issue on 11.0.
>
> On the case thing as long as you are on the latest SU you should be fine.
> There have been defects related to case validation on certs (CSCuu69964 for
> example) but you should be ok.
>
> -Ryan
>
> On Sep 11, 2015, at 1:49 PM, Michael David <mdavid at sps186.org> wrote:
>
> Greetings,
>
> When I generate the SAN CSRs, the server sets the common name to, for
> example, VUNITY1.sps186.org <http://vunity1.sps186.org/>-ms - the "-ms"
> being added automatically to the end.  All the SANs in the list correspond
> to the actual hostnames and domain name. Can I change this CN to remove the
> -ms?  GoDaddy isn't allowing the cert to be created because the CN isn't a
> FQDN.  Not sure if the CUCM/Unity stuff needs the -ms for its own uses.
>
> Furthermore, our vendor set the hostnames to, for exmple, VUNITY1, VUCM1,
> etc rather than vunity1, vucm1.  GoDaddy changed the case from CSRs from
> the uppercase format to the lowercase format.  If the certs generate with
> the lowercase-only names, will they still function on the cluster with the
> cluster hostnames uppercase?
>
> Thanks in advance,
> Michael
>
> --
> Michael A. David, CCNA
> Springfield Public Schools
> Technology Service Center
> 217.585.5802 ext. 85114
> 217.585.5809 (FAX)
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150911/2192d2fb/attachment.html>


More information about the cisco-voip mailing list