McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 61

↗ View in doc context
page
61
source
cucm/v15/security-guide/security-guide.md
chunk_id
cucm::v15::security-guide::security-guide::49

The following additional trust store exists: • Common trust store for Tomcat and web applications • IPSec-trust • CAPF-trust • Userlicensing-trust • TVS-trust • Phone-SAST-trust • Phone-CTL-trust For more information about CA trust certificates for Cisco Unity Connection, see the Administration Guide for Cisco Unified Communications Manager. These trust-certificates secure connections to Exchange or Meeting Place Express for fetching e-mails, calendar information, or contacts. Third-Party CA-Signed Certificates CA-Signed certificates are trusted third party certificates which signs and issues digital certificates. By default, Unified Communications Manager uses self-signed certificates for all connections. However, you can add security by configuring a third-party CA to sign certificates. To use a third-party CA, install the CA root certificate chain in Cisco Unified Communications Manager Administration. To issue CA-signed certificates, submit a Certificate Signing Request (CSR) so that the CA can issue and sign a certificate. For details on how to Upload, Download, and View Certificates, see the Self-Signed Certificates section. Configuration If you want to use CA-signed certificates from another system connecting to Unified Communications Manager, do the following in Cisco Unified Communications Manager Administration: • Upload the root certificate chain of the CA that signed the certificates. • Upload the CA-signed certificates from the other system. If you want to use CA-signed certificates for Unified Communications Manager: • Complete a CSR to request CA-signed certificates in Cisco Unified Communications Manager Administration. • Download both the CA root certificate chain and the CA-signed certificates in Cisco Unified Communications Manager Administration • Upload both the CA root certificate chain and the CA-signed certificates. For details on how to obtain and configure root certificates for your CA, see the Certificate Authority documentation. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 43 Basic System Security Third-Party CA-Signed Certificates