McDewey

Following are the scenarios to upload the various certificates: Table 15: Upload Certificate Scenarios Actions Scenarios Upload the CA root certificate. CA root and HTTPS certificates are same. Upload the CA root certificate. CA root and HTTPS certificates are different and the same CA root certificate issues the HTTPS certificates. Upload the CA root certificate. CA root certificate issues the intermediate CA and HTTPS certificates which are different. Upload CA root and HTTPS certificate. The same CA root certificate issues CA root and HTTPS certificates which are different. We recommend using CAPF during a scheduled maintenance window as generating multiple certificates simultaneously may cause call-processing interruptions. Note Certificates Authority Proxy Function Configuration Task Flow Complete these tasks to configure the Certificate Authority Proxy Function (CAPF) service to issue LSCs for endpoints: You don't have to restart the CAPF service after regenerating or uploading the new CAPF certificate. Note Procedure Purpose Command or Action If you want your LSCs to be third-party CA-signed, upload the CA root certificate chain to the CAPF-trust store. Otherwise, you can skip this task. Upload Root Certificate for Third Party CAs Step 1 Upload the CA root certificate to the Unified Communications Manager Trust store. Upload Certificate Authority (CA) Root Certificate , on page 75 Step 2 Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 73 Basic System Security Certificates Authority Proxy Function Configuration Task Flow