<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Verdana; font-size: 10pt; color: #000000'>In Connection v7, under Cisco Unified OS Administration > Security > Certificate Management there is the option to create the CSR and upload whatever certificates are generated.<br><br>Changing it shouldn't be a big deal, unless you've loaded that certificate elsewhere.<br><br>Granted, this is v7, not v6, but I would think the appliance models are somewhat familiar.<br><br><br>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>"Bad grammar makes me [sic]" - Tshirt<br><br><br>----- Original Message -----<br>From: "Jonathan Madziarczyk" <JMad@cityofevanston.org><br>To: cisco-voip@puck.nether.net<br>Sent: Monday, October 5, 2009 2:44:28 PM GMT -05:00 US/Canada Eastern<br>Subject: Re: [cisco-voip] Updating Certificates on CUCM?<br><br>
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {color:blue;
        text-decoration:underline;}
p
        {mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman";}
span.EmailStyle18
        {mso-style-type:personal-reply;
        font-family:Arial;
        color:navy;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
        {page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="Section1">
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;">Oh, I’m just trying to set the general
certs for mgmt and user management web pages into the publisher/subscribers.
Since IE8 and the latest FireFox, they no longer give user friendly popups when
you try to go to a site that does not have a known certificate.</span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;"> </span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;">Rather than try to train our users how to
read the web page and make their own determination, it’s easier to just fix the
cert to correlate to our own internal CA. (the PCs inside already have our CA
in their list)</span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;"> </span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;">I’ve gotten the request files and made
certs for tomcat/CAPF/callmanager/ipsec but I’m a little leery about just
overwriting what’s there on the server. Do they have to be .der or .cer or
.pem. I don’t see a place to upload the site cert either.</span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;"> </span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;">So I assumed Cisco had a document on the
proper steps to install these, but I have been unsuccessful in finding it.</span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;"> </span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;">JM</span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;"> </span></font></p>
<p class="MsoNormal"><font color="navy" size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial; color: navy;"> </span></font></p>
<div>
<div class="MsoNormal" style="text-align: center;" align="center"><font size="3" face="Times New Roman"><span style="font-size: 12pt;">
<hr align="center" size="2" width="100%">
</span></font></div>
<p class="MsoNormal"><b><font size="2" face="Tahoma"><span style="font-size: 10pt; font-family: Tahoma; font-weight: bold;">From:</span></font></b><font size="2" face="Tahoma"><span style="font-size: 10pt; font-family: Tahoma;"> Jason Burns
[mailto:burns.jason@gmail.com] <br>
<b><span style="font-weight: bold;">Sent:</span></b> Monday, October 05, 2009
1:37 PM<br>
<b><span style="font-weight: bold;">To:</span></b> Madziarczyk, Jonathan<br>
<b><span style="font-weight: bold;">Cc:</span></b> cisco-voip@puck.nether.net<br>
<b><span style="font-weight: bold;">Subject:</span></b> Re: [cisco-voip] Updating
Certificates on CUCM?</span></font></p>
</div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size: 12pt;"> </span></font></p>
<p class="MsoNormal" style="margin-bottom: 12pt;"><font size="3" face="Times New Roman"><span style="font-size: 12pt;">JM,<br>
<br>
Which certificates exactly do you want to update?<br>
<br>
The ones used to access the CCMAdmin GUI, or the ones used to secure SIP/TLS
connections?</span></font></p>
<div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size: 12pt;">On Mon, Oct 5, 2009 at 1:59 PM, Madziarczyk, Jonathan <<a href="mailto:JMad@cityofevanston.org" target="_blank">JMad@cityofevanston.org</a>> wrote:</span></font></p>
<div>
<div>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;">Does
anyone have a good writeup for the procedure to update the certificate on call
manager 6.1?</span></font></p>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;"> </span></font></p>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;">I
think I’ve got most of it figured out, I just want to see some official
documentation before I start wiping certs.</span></font></p>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;"> </span></font></p>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;">I
guess I fail at google, because I can’t seem to find any documentation that
addresses my issue.</span></font></p>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;"> </span></font></p>
<p><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;">JM</span></font></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom: 12pt;"><font size="3" face="Times New Roman"><span style="font-size: 12pt;"><br>
_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a></span></font></p>
</div>
<p class="MsoNormal"><font size="3" face="Times New Roman"><span style="font-size: 12pt;"> </span></font></p>
</div>
<br>_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
</div></body></html>