<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body dir="auto">
<div>I don't have the doc handy but I believe it's in the CSR generation page. <br>
<br>
Sent from my iPhone</div>
<div><br>
On Oct 8, 2014, at 3:46 PM, Jason Aarons (AM) <<a href="mailto:jason.aarons@dimensiondata.com">jason.aarons@dimensiondata.com</a>> wrote:<br>
<br>
</div>
<blockquote type="cite">
<div>
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">So I couldn’t find a GUI method to add an AlternateSubjectName. My problem with the CUCM 10.5 CLI was only a single SAN (Subject Alternate Name) is supported.
Once I removed the other entries it worked.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">For whatever reason in show web-security the server name is also listed as a AlternateSubjectName. So in short you will see two AlternateSubjectName’s even
when you only have 1 configured.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> Ryan Ratliff (rratliff) [<a href="mailto:rratliff@cisco.com">mailto:rratliff@cisco.com</a>]
<br>
<b>Sent:</b> Wednesday, October 08, 2014 2:53 PM<br>
<b>To:</b> Heim, Dennis<br>
<b>Cc:</b> Justin Steinberg; Jason Aarons (AM); cisco-voip voyp list<br>
<b>Subject:</b> Re: [cisco-voip] CUCM 10.5 Tomcat Subject Alternate Name (SAN) (Alternatehostname) via CLI<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">There's also the multiserver cert in 10.5 that allows you to add additional entries via OS Admin.
<o:p></o:p></p>
<div>
<p class="MsoNormal"><a href="http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/10_5_1/CUCM_BK_CE15D2A0_00_cucm-release-notes-1051/CUCM_BK_CE15D2A0_00_cucm-release-notes-1051_chapter_01.html#CUCM_RF_SEC52373_00">http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/rel_notes/10_5_1/CUCM_BK_CE15D2A0_00_cucm-release-notes-1051/CUCM_BK_CE15D2A0_00_cucm-release-notes-1051_chapter_01.html#CUCM_RF_SEC52373_00</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">-Ryan <o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">On Oct 8, 2014, at 2:41 PM, Heim, Dennis <<a href="mailto:Dennis.Heim@wwt.com">Dennis.Heim@wwt.com</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Single SAN as far as I remember too. Best bet is to add it at the CA level. With Windows CA this can be down via the additional parameters on the certsrv webpage
if doing it that way.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="text-autospace:none"><b><span style="font-size:10.0pt;font-family:"Calibri","sans-serif"">Dennis Heim | Collaboration Solutions Architect</span></b><o:p></o:p></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:10.0pt;font-family:"Calibri","sans-serif"">World Wide Technology, Inc. | +1 314-212-1814</span><o:p></o:p></p>
<p class="MsoNormal" style="text-autospace:none"><a href="https://twitter.com/CollabSensei"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";text-decoration:none"><image001.png></span></a><o:p></o:p></p>
<p class="MsoNormal" style="text-autospace:none"><a href="xmpp:dennis.heim@wwt.com"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;text-decoration:none"><image002.png></span></a><a href="tel:+13142121814"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;text-decoration:none"><image003.png></span></a><a href="sip:dennis.heim@wwt.com"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D;text-decoration:none"><image004.png></span></a><o:p></o:p></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> cisco-voip [<a href="mailto:cisco-voip-bounces@puck.nether.net">mailto:cisco-voip-bounces@puck.nether.net</a>]
<b>On Behalf Of </b>Justin Steinberg<br>
<b>Sent:</b> Wednesday, October 08, 2014 1:37 PM<br>
<b>To:</b> Jason Aarons (AM)<br>
<b>Cc:</b> <a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<b>Subject:</b> Re: [cisco-voip] CUCM 10.5 Tomcat Subject Alternate Name (SAN) (Alternatehostname) via CLI</span><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">I thought you could only add a single SAN via command line.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">On Wed, Oct 8, 2014 at 11:20 AM, Jason Aarons (AM) <<a href="mailto:jason.aarons@dimensiondata.com" target="_blank">jason.aarons@dimensiondata.com</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Trying to add an alternatehostname in CUCM 10.5 I got the below error. Anyone spot my problem?</span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> </span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">set web-security CH "Hawaii Department of Boating" Honolulu Hawaii US
<a href="http://ton.state.hi.us/" target="_blank">ton.state.hi.us</a> <a href="http://hi-it-uc-cm-p.ton.state.hi.us/" target="_blank">
HI-IT-UC-CM-P.ton.state.hi.us</a> <a href="http://myphone.ton.state.hi.us/" target="_blank">
myphone.ton.state.hi.us</a></span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Expected 4 mandatory and up to 2 non-mandatory parameter(s)<br>
but 8 parameter(s) were found</span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Executed command unsuccessfully<br>
Error executing command<br>
admin:</span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> </span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Names changed to protect the innocent :)</span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> </span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> </span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">admin:set web-security ?<br>
Syntax:<br>
set web-security orgunit orgname locality state [country] [alternatehostname]<br>
orgunit mandatory organizational unit<br>
orgname mandatory organizational name<br>
locality mandatory location of organization<br>
state mandatory state of organization<br>
country optional country code can not be changed<br>
alternatehostname optional alternate host name</span><o:p></o:p></p>
<p><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">admin:set web-security</span><o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<p class="MsoNormal">_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip">https://puck.nether.net/mailman/listinfo/cisco-voip</a><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</blockquote>
</body>
</html>