McDewey

C H A P T E R 5 Certificates • Certificate Management, on page 39 • Certificate Monitoring and Revocation, on page 64 • Simplified Certificate Management, on page 67 Certificate Management Certificate Management feature provides an overview of the various certificate types, tasks involved to manage certificates, and how to monitor and revoke certificates. Certificate Overview Certificates are critical for establishing secure connections in a deployment. They authenticate individuals, computers, and other services on the network. Implementing certificate management provides a good level of protection while reducing complexity. A Certificate is a file that proves the identity of the certificate owner and contains the following information: • Certificate Holder Name • Public Key • Digital Signature of the Certificate Authority issuing the Certificate Unified Communications Manager uses certificates that use the Public Key Infrastructure (PKI) to enable encryption and validate server - client identity. It doesn't trust other systems and denies access, unless it has a matching certificate in the appropriate trust store. Root Certificates secure connections between users and hosts, including devices and application users. Certificates secure and add the client and server identities to the root trust stores. Administrators can view the fingerprint of server certificates, regenerate self-signed certificates, and delete trust certificates from Unified Communications Manager interface. They can also regenerate and view self-signed certificates using CLI. For more information on how to update the Unified Communications Manager trust store and manage certificates, see Administration Guide for Cisco Unified Communications Manager. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 39