<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">It sounds like something is different between the old and new certs (besides the dates). As far as clients accessing Unity via a browser, the callmanager-trust certs are not involved. I’m not even sure they are used at all on a Unity server.
I’ve never touched them.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I would take a look at the old and new certs and make sure the subject and SAN fields are all the same. There can be a lot of reasons for cert errors and the errors are all similar and hard to diagnose without access to the browser throwing
the error, but that’s the first thing I would check. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div dir="ltr" style="mso-line-height-rule:exactly;-webkit-text-size-adjust:100%;font-size:1px;direction:ltr;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:1px;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td style="padding:0 10px 0 0;"> </td><td align="left" style="padding:10px 0 10px 10px;vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:middle;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;"><tr style="font-size:0;"><td align="left" style="padding:5px;vertical-align:middle;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td align="left" style="padding:0;vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;line-height:normal;"><tr style="font-size:0;"><td align="left" style="padding:0 15px 0 0;border-top:none;border-right:none;border-bottom:none;border-left:solid 3px #F3800B;vertical-align:top;"><img src="cid:image726917.jpg@02F37486.DAAD833D" width="100" height="100" border="0" alt="" style="width:100px;min-width:100px;max-width:100px;height:100px;min-height:100px;max-height:100px;font-size:0;" /></td></tr></table></td><td align="left" style="padding:0;vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;color:#808080;font-style:normal;font-weight:700;white-space:nowrap;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;color:#F3800B;font-style:normal;font-weight:700;white-space:nowrap;"><tr style="font-size:17px;"><td align="left" style="padding:0 0 3px;vertical-align:top;font-family:Calibri,Arial,sans-serif;">Matthew Loraditch<span style="font-family:remialcxesans;font-size:1px;color:#FFFFFF;line-height:1px;"></span></td></tr></table></td></tr><tr style="font-size:14.67px;"><td align="left" style="vertical-align:top;font-family:Calibri,Arial,sans-serif;">Sr. Network Engineer</td></tr></table></td></tr><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;color:#808080;font-style:normal;font-weight:400;white-space:nowrap;"><tr style="font-size:14.67px;"><td align="left" style="padding:5px 0 0;vertical-align:top;font-family:Calibri,Arial,sans-serif;"><span style="color:#F3800B;">direct:</span> <a href="tel:443.541.1518" target="_blank" id="LPlnk689713" style="text-decoration:none;color:#808080;"><strong style="font-weight:400;">443.541.1518</strong></a></td></tr></table></td></tr><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;color:#808080;font-style:normal;font-weight:400;white-space:nowrap;"><tr style="font-size:14.67px;"><td align="left" style="padding:5px 0 12px;vertical-align:top;font-family:Calibri,Arial,sans-serif;"><span style="color:#F3800B;">e:</span> <a href="mailto:MLoraditch@heliontechnologies.com" target="_blank" id="LPlnk689713" style="text-decoration:none;color:#808080;"><strong style="font-weight:400;">MLoraditch@heliontechnologies.com</strong></a></td></tr></table></td></tr></table></td></tr></table></td></tr></table></td></tr><tr style="font-size:0;"><td align="left" style="vertical-align:middle;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:bottom;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;line-height:normal;"><tr style="font-size:0;"><td align="left" style="padding:15px 0 0;vertical-align:bottom;"><a href="http://www.heliontechnologies.com/" target="_blank" id="LPlnk689713" style="text-decoration:none;"><img src="cid:image364649.png@889D6800.51BE90D3" width="300" height="75" border="0" title="Helion Technologies" alt="Helion Technologies" style="width:300px;min-width:300px;max-width:300px;height:75px;min-height:75px;max-height:75px;font-size:12px;" /></a></td></tr></table></td></tr><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td align="left" style="padding:13px 20px 10px 5px;vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;"><tr style="font-size:0;"><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;line-height:normal;"><tr style="font-size:0;"><td align="center" style="padding:0 3px 0 0;vertical-align:top;"><a href="https://facebook.com/heliontech" target="_blank" id="LPlnk689713" style="text-decoration:none;"><img src="cid:image390733.png@AEB017F3.4A7B2943" width="18" height="18" border="0" title="Facebook" alt="Facebook" style="width:18px;min-width:18px;max-width:18px;height:18px;min-height:18px;max-height:18px;font-size:12px;" /></a></td></tr></table></td><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;line-height:normal;"><tr style="font-size:0;"><td align="center" style="padding:0 3px 0 0;vertical-align:top;"><a href="https://twitter.com/heliontech" target="_blank" id="LPlnk689713" style="text-decoration:none;"><img src="cid:image417223.png@B5603C7C.8E596461" width="18" height="18" border="0" title="Twitter" alt="Twitter" style="width:18px;min-width:18px;max-width:18px;height:18px;min-height:18px;max-height:18px;font-size:12px;" /></a></td></tr></table></td><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="width:100%;font-size:0;line-height:normal;"><tr style="font-size:0;"><td align="center" style="padding:0 3px 0 0;vertical-align:top;"><a href="https://www.linkedin.com/company/helion-technologies" target="_blank" id="LPlnk689713" style="text-decoration:none;"><img src="cid:image226436.png@2BB345D9.CC91EF4A" width="18" height="18" border="0" title="LinkedIn" alt="LinkedIn" style="width:18px;min-width:18px;max-width:18px;height:18px;min-height:18px;max-height:18px;font-size:12px;" /></a></td></tr></table></td></tr></table></td></tr></table></td><td align="left" style="vertical-align:top;"><table cellpadding="0" cellspacing="0" border="0" style="font-size:0;color:#808080;font-style:normal;font-weight:400;white-space:nowrap;"><tr style="font-size:14.67px;"><td align="left" style="padding:15px 0 5px;vertical-align:top;font-family:Calibri,Arial,sans-serif;"><a href="http://www.heliontechnologies.com/" target="_blank" id="LPlnk689713" style="text-decoration:none;color:#808080;"><strong style="font-weight:400;">www.heliontechnologies.com</strong></a></td></tr></table></td></tr></table></td></tr></table></td></tr><tr style="font-size:0;line-height:normal;"><td align="left" style="vertical-align:top;"><a href="https://www.buzzsprout.com/1734656" target="_blank" id="LPlnk689713" style="text-decoration:none;"><img src="cid:image260656.jpg@A36A7FA7.5AEFD459" width="450" height="90" border="0" title="Helion Bite-Size Podcast" alt="Helion Bite-Size Podcast" style="width:450px;min-width:450px;max-width:450px;height:90px;min-height:90px;max-height:90px;font-size:12px;" /></a></td></tr></table></td></tr></table></td></tr></table></td></tr></table></td></tr></table></div><div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> cisco-voip <cisco-voip-bounces@puck.nether.net>
<b>On Behalf Of </b>Terry Oakley<br>
<b>Sent:</b> Wednesday, May 24, 2023 11:35 AM<br>
<b>To:</b> 'voip puck' <cisco-voip@puck.nether.net><br>
<b>Subject:</b> [cisco-voip] Certificate issue and I am rubbish at certificates. (full disclosure)<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:solid #9C6500 1.0pt;padding:2.0pt 2.0pt 2.0pt 2.0pt">
<p class="MsoNormal" style="line-height:12.0pt;background:#FFEB9C"><span style="font-size:10.0pt;color:#9C6500">[EXTERNAL]</span><span style="font-size:10.0pt;color:black"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On our Unity Connection server the certificates for Tomcat and Tomcat trust expired over the weekend, my oversight. I regenerated the certificates and both are now year 2028 expiry date. But we still get the same error if someone is
trying to access their inbox (<a href="https://server/inbox/">https://server/inbox/</a>) (error is
<span style="font-size:11.5pt;font-family:"Segoe UI",sans-serif;color:#5F6368;background:white">
You cannot visit server right now because the website uses HSTS)</span><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I noticed that there is a CallManager-Trust certificate that expired on the same day as the Tomcat certs. The CallManager-Trust certificate is issued by the CA (CA signed) but when I go to Generate a CSR I don’t have the option to choose
CallManager-Trust or Trust . I have Tomcat, Tomcat ecdsa or ipsec. The common name for the expired CallManager-Trust certificate is the UnityConnection server that users cannot get too. Little confused as to where this CallManager Trust certificate can
be generated from. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thank you<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Terry<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>