<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<div>
<div style="font-family: Calibri,sans-serif; font-size: 11pt;">3rd party CA signed is important for an actual BYOD strategy so you're not doing certificate deployment to non-corporate devices. Granted it costs a bit more but the I rather pay that vs. Managing
an internal CA properly.<br>
<br>
Sent from my Windows Phone</div>
</div>
<div dir="ltr">
<hr>
<span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">From:
</span><span style="font-family: Calibri,sans-serif; font-size: 11pt;"><a href="mailto:chrward@cisco.com">Chris Ward (chrward)</a></span><br>
<span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">Sent:
</span><span style="font-family: Calibri,sans-serif; font-size: 11pt;">10/29/2014 2:43 PM</span><br>
<span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">To:
</span><span style="font-family: Calibri,sans-serif; font-size: 11pt;"><a href="mailto:jason.aarons@dimensiondata.com">Jason Aarons (AM)</a>;
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip (cisco-voip@puck.nether.net)</a></span><br>
<span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">Subject:
</span><span style="font-family: Calibri,sans-serif; font-size: 11pt;">Re: [cisco-voip] Callmanager TomCat</span><br>
<br>
</div>
<style>
<!--
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif"}
span.x_MsoHyperlink
{color:#0563C1;
text-decoration:underline}
span.x_MsoHyperlinkFollowed
{color:#954F72;
text-decoration:underline}
span.x_EmailStyle17
{font-family:"Calibri","sans-serif";
color:windowtext}
span.x_EmailStyle18
{font-family:"Calibri","sans-serif";
color:#1F497D}
.x_MsoChpDefault
{font-size:10.0pt}
div.x_WordSection1
{}
-->
</style>
<div lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="x_WordSection1">
<p class="x_MsoNormal"><span style="color:#1F497D">IP/Hostname isn’t the issue. It’s the self-signed certificate that CUCM/IMP is using.</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="color:#1F497D">The fix is either to get a cert signed by a publicly trusted cert authority like GoDaddy or Verisign OR you need a CA on the local network (AD) that the Windows system trusts (has the root cert loaded) and
use that to generate a new cert for CUCM.</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="color:#1F497D">The latter is free except for time and allows a little more flexibility.</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D"> </span></p>
<div>
<p class="x_MsoNormal"><span style="color:#44546A">+Chris</span></p>
<p class="x_MsoNormal"><span style="color:#44546A">TME - MediaSense and Unity Connection</span></p>
</div>
<p class="x_MsoNormal"><span style="color:#1F497D"> </span></p>
<div>
<div style="border:none; border-top:solid #E1E1E1 1.0pt; padding:3.0pt 0in 0in 0in">
<p class="x_MsoNormal"><b>From:</b> cisco-voip [mailto:cisco-voip-bounces@puck.nether.net]
<b>On Behalf Of </b>Jason Aarons (AM)<br>
<b>Sent:</b> Wednesday, October 29, 2014 1:47 PM<br>
<b>To:</b> cisco-voip (cisco-voip@puck.nether.net)<br>
<b>Subject:</b> [cisco-voip] Callmanager TomCat</p>
</div>
</div>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal"><span style="color:#1F497D">Customer is asking if they can leave CallManager > CCMAdmin > Server > IP address and change the Tomcat Certificate to IP Address for Jabber for Windows client to be happy and not prompt an error first time
opening? Can you even do that in CUCM? So keep the ip address as the Subject Alternate Name?</span></p>
<p class="x_MsoNormal"><span style="color:#1F497D"> </span></p>
<p class="x_MsoNormal"><span style="color:#1F497D"> </span></p>
<p class="x_MsoNormal"> </p>
</div>
</div>
</body>
</html>