[cisco-voip] How to handle expired Phone-VPN-trust, phone-SAST-trust, other certificates

NateCCIE nateccie at gmail.com
Mon Oct 22 15:08:05 EDT 2018


The expired certs will throw alarms even if they have been superseded by
newer certs.

 

So during a maintenance window, renew anything that is expired, and just
delete all the old ones.  The newer versions of cucm make this easier by
being able to sort by expiration date.

 

-Nate

 

From: cisco-voip <cisco-voip-bounces at puck.nether.net> On Behalf Of ROZA,
Ariel
Sent: Monday, October 22, 2018 11:52 AM
To: cisco-voip (cisco-voip at puck.nether.net) <cisco-voip at puck.nether.net>
Subject: [cisco-voip] How to handle expired Phone-VPN-trust,
phone-SAST-trust, other certificates

 

Hi, guys!

 

I have a customer that is receiving alarms over some expired certificates,
and I would like to know which is the best way to handle them.

The certs are loaded in SERVER1 and all named SERVER2.der, except the CAPF
ones.

<servername>.der in phone-vpn-trust. 

<servername> .der in phone-trust

<servername>.der in phone-SAST-trust

<servername>.der in phone-CTL-trust

And several CAPF-xxxxxx.der in Callmanager-trust

 

So far I have dealt with renewing Callmanager, TFTP and TVS cert, but I
always kept clear from those other certs

Shoud I delete them, shoud I keep them, even as they are expired and
throwing alarms?

 

 

Regards.

 

 

Ariel Roza 
Collaboration Support Engineer 

t: +54 11 5282-0458 

c: +54 9 11 5017-4417 webex:
<http://logicalis-la.webex.com/join/ariel.roza>
http://logicalis-la.webex.com/join/ariel.roza

Av. Belgrano 955 – Piso 20 – CABA – Argentina – C1092AAJ

 <http://www.la.logicalis.com/> www.la.logicalis.com

_________________________________________________
Business and technology working as one 



 



 

 <http://twitter.com/LogicalisLatam>
<http://es-es.facebook.com/pages/Logicalis-Latam/234648439078>
<http://www.youtube.com/logicalislatam>  

 

Logicalis Argentina S.A. solo puede ser obligado por sus representantes
legales conforme los límites establecidos en el acto constitutivo y la
legislación en vigor. 

El contenido del presente correo electrónico e inclusive sus anexos
contienen información confidencial. 

El mismo no puede ser divulgado y/o utilizado por cualquiera otro distinto
al destinatario, ni puede ser copiado de cualquier forma.

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5832 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 14260 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 1215 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1468 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 1384 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 1470 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20181022/2c367a5d/attachment-0004.png>


More information about the cisco-voip mailing list