[cisco-voip] Renewing TVS and IPSec certificates

Brian Meade bmeade90 at vt.edu
Tue Mar 27 13:37:39 EDT 2018


If just doing IPSec, you just need to restart the DRS services.  No affect
on ITL.

As soon as you regenerate TVS on any node, all phones will reboot and ITL
will be updated instantly.  Be very careful to do this one node at a time
making sure all phones re-register before moving on.  Really only a huge
issue if you are doing the CallManager.pem at the same time.

TVS certs aren't in the CTL last I checked so you shouldn't need to
regenerate the CTL on mixed-mode clusters if just updating TVS/IPSec.

On Tue, Mar 27, 2018 at 1:03 PM, ROZA, Ariel <Ariel.ROZA at la.logicalis.com>
wrote:

> Hi guys,
>
>
>
> I have some specific questions regarding renewing some certificates.
>
> The situation is this. In a cluster with 4 servers, I have two of them
> that have their tvs.pem and ipsec.pem certificates paste their due date.
>
> I have reviewed a lot of the documentation available, and designed a
> step-by-step procedure to renew them, doing so one server at a time,
> stopping the TFTP, etc.
>
>
>
> But still I have some specific doubts:
>
>
>
> If I just want to renew the ipsec.pem cert ¿Do I have to go through the
> complete process to renew the ITL and reset the phones to get it? Or can I
> just renew the self-signed cert and restart the DRS Services?
> If I am using mixed mode ¿Do I have to regenerate the CTL file as well?
>
>
>
> Regards,
>
>
>
> *Ariel Roza*
> *Collaboration Support Engineer *
>
> t: +54 11 5282-0458 <+54%2011%205282-0458>
>
> c: +54 9 11 5017-4417 <+54%209%2011%205017-4417> webex:
> http://logicalis-la.webex.com/join/ariel.roza
>
> Av. Belgrano 955 – Piso 20 – CABA – Argentina – C1092AAJ
>
> www.la.logicalis.com
>
>
> *_________________________________________________ **Business **and
> technology working as one*
>
> [image: cid:image003.png at 01D3894B.346BF840]
>
>
>
> [image: cid:image005.png at 01D3894B.43930F20]
>
>
>
> [image: Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: tw] <http://twitter.com/LogicalisLatam> [image: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción: fb]
> <http://es-es.facebook.com/pages/Logicalis-Latam/234648439078> [image:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: Descripción: Descripción: Descripción: Descripción:
> Descripción: yt] <http://www.youtube.com/logicalislatam>
>
>
>
> Logicalis Argentina S.A. solo puede ser obligado por sus representantes
> legales conforme los límites establecidos en el acto constitutivo y la
> legislación en vigor.
>
> El contenido del presente correo electrónico e inclusive sus anexos
> contienen información confidencial.
>
> El mismo no puede ser divulgado y/o utilizado por cualquiera otro distinto
> al destinatario, ni puede ser copiado de cualquier forma.
>
>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 14260 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 1470 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 1468 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5832 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 1384 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 1215 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180327/1a158782/attachment.jpg>


More information about the cisco-voip mailing list