[cisco-voip] expressway E GoDaddy certificate

Lelio Fulgenzi lelio at uoguelph.ca
Tue Aug 2 10:06:26 EDT 2022


We’ve always been weary of wildcard and muti-San certs that preclude a certificate for each server. In our case, we have got a multi-san cert for each expressway E (and C for that matter) which includes the server as the primary host, and the peer, cluster name and domain as a SAN.

I’m lucky that our cert team has got a contract with good inventory, so, a couple of extra multi-SAN certs isn’t a big deal for us.

At some point, we may consider moving the Expressways to Let’s Encrypt. It’s the only Cisco collab platform that supports it for now.


From: cisco-voip <cisco-voip-bounces at puck.nether.net> On Behalf Of Shaihan Jaffrey
Sent: Tuesday, August 2, 2022 4:21 AM
To: Cisco VOIP <cisco-voip at puck.nether.net>
Subject: [cisco-voip] expressway E GoDaddy certificate

CAUTION: This email originated from outside of the University of Guelph. Do not click links or open attachments unless you recognize the sender and know the content is safe. If in doubt, forward suspicious emails to IThelp at uoguelph.ca<mailto:IThelp at uoguelph.ca>

what is the process to renew Public certificate on Expressway E through
GoDaddy.
Is one certificate sufficient for primary and secondary exp-e?

do we have to get certificates based on FQDN?

Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20220802/ada3ca8f/attachment.htm>


More information about the cisco-voip mailing list