McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 228

↗ View in doc context
page
228
source
cucm/v15/security-guide/security-guide.md
chunk_id
cucm::v15::security-guide::security-guide::228

Ensure that both the Unified Communications Manager and IM and Presence Service are on the same release versions. Important Set Minimum TLS Version You can configure the minimum TLS version for Unified Communications Manager. Before you set the minimum TLS version, make sure that your network devices and applications both support the minimum TLS version configured. This note is applicable only for Release 15SU2. The minimum TLS version does not have any impact on the calendaring service vendor. It will negotiate with the maximum supported TLS version of the calendaring service. The IM and Presence Service displays an error message when the minimum TLS version is set to 1.3. Important Procedure Step 1 Log in to the Command Line Interface. Step 2 To confirm the existing TLS version, run the show tls min-version CLI command. Step 3 Run the set tls min-version <minimum> CLI command where <minimum> represents the TLS version. For example, run set tls min-version 1.3 to set the minimum TLS version to 1.3. Note • From Release 15SU2 onwards, the minimum TLS version is supported cluster-wide and any change to the Unified Communications Manager Publisher node is replicated across all other nodes in the cluster. You must also configure the minimum TLS version on IM and Presence Service separately. Perform Step 3 on both the Unified Communications Manager and IM and Presence Service Publisher nodes separately and restart all the nodes in the clusters for the changes to take effect. • In Release 15SU2, IM and Presence Service supports TLS 1.3 connections only with the Oracle database. For IM and Presence Service connections over TLS with MSSQL database, TLS 1.3 is not supported. • In Release 15SU2, the IM and Presence Service does not support connections with MSSQL database over TLS 1.3. Hence, setting the minimum TLS version to 1.3 must be avoided in case of active TLS connections between the IM and Presence Service and MSSQL database. For more information on the supported TLS versions for IM and Presence Service, see the Database Setup Guide for the IM and Presence Service. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 210 Basic System Security Set Minimum TLS Version