/mcpRegenerate ITLRecovery Certificate Do not regenerate the ITLRecovery Certificate very frequently as this certificate has a long validity with phones and also it contains the CallManager Certificate. Warning Regenerate ITLRecovery Certificate for Non-Secure Cluster 1. Verify if the ITL File is valid and that all phones in the cluster trust the current ITL File. 2. Regenerate the ITLRecovery Certificate. Navigate to the publisher in each cluster to regenerate the ITLRecovery Certificate. a. From the Unified OS Administration, choose Security > Certificate Management b. Click Find. The Certificate List window appears. c. Click the ITLRecovery.pem Certificate link from the list of certificates displayed. d. Click Regenerate, to regenerate the ITLRecovery Certificate. e. In the confirmation message pop-up, click OK. 3. Sign the ITL file using utils itl reset localkey in the CallManager Certificate to accept the new ITL file. 4. Reset in batches all the phones in the cluster. Make sure all the phones in the cluster are registered. Note 5. Restart TFTP Service to have the ITL file re-signed by the New ITLRecovery Certificate. New ITLRecovery Certificates are uploaded on phones while they reset. 6. Reset in batches all phones in the cluster for a second time to pick up the new ITL File. 7. Phones are uploaded with the new ITLRecovery Certificate after the reset. Regenerate ITLRecovery Certificate for Secure Cluster If you want to migrate from a token based ITL file to tokenless ITL file, refer the migration section in security guide. 1. Verify if the ITL File is valid and that all phones in the cluster trust the current ITL File. 2. Verify the CTL File using show ctl command. 3. Regenerate the ITLRecovery Certificate. Navigate to the publisher in each cluster to regenerate the ITLRecovery Certificate. a. From the Unified OS Administration, Choose Security > Certificate Management > Find Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 60 Basic System Security Regenerate ITLRecovery Certificate