/mcpTip Choose the Troubleshoot option in the CAPF settings section from the Phone Configuration page, to verify whether an LSC or MIC exists in the phone in Unified Communications Manager. The Delete and Troubleshoot options don't appear when a certificate doesn't exist in the phone. Tip You can also verify that an LSC or MIC exists in the phone by checking the security configuration on the phone. For more information, see the administration guides for Cisco Unified IP Phones that support this version of Unified Communications Manager. Step 4 If a certificate doesn't exist, install an LSC by using the CAPF functionality on the Phone Configuration window. For information on how to install an LSC, see topics related to the Certificate Authority Proxy Function. Step 5 Click Save after you configure the CAPF settings. Step 6 Click Reset. The phone requests an encrypted configuration file from the TFTP server after the phone resets. Update CTL File Update the CTL file, when you have done any modifications to Unified Communications Manager. Since you have enabled the TFTP file encryption, you have to regenerate the CTL file. Procedure Step 1 Log in to the Command Line Interface. Step 2 On the publisher node, run the utils ctl update CTLfile command. Restart Services After you have completed your encrypted TFTP configuration file updates, make sure that you restart your Cisco TFTP and Cisco CallManager services for the changes to take effect. Procedure Step 1 From Cisco Unified Serviceability, choose Tools > Control Center – Feature Services. Step 2 Choose the following two services. • Cisco CallManager • Cisco TFTP Step 3 Click Restart. However, after regenerating or updating CallManager certificate, you don't have to manually restart TFTP service. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 109 Basic System Security Update CTL File