McDewey

Purpose Command or Action View a list of pending CAPF CSR files. All CSR files are timestamped. View Pending CSR List Step 3 Delete stale LSC certificates from the system. Delete Stale LSC Certificates Step 4 Run Stale LSC Report Use this procedure to run a Stale LSC report from Cisco Unified Reporting. Stale LSCs are certificates that were generated in response to an endpoint CSR, but were never installed because a new CSR was generated by the endpoint before the stale LSC was installed. You can also obtain a list of stale LSC certificates by running the utils capf stale-lsc list CLI command on the publisher node. Note Procedure Step 1 From Cisco Unified Reporting, choose System Reports. Step 2 In the left navigation bar, choose Stale LSCs. Step 3 Click Generate a new report. LSC Generation via CAPF After you configure CAPF, add the configured authentication string on the phone. The keys and certificate exchange occurs between the phone and CAPF and the following occurs: • The phone authenticates itself to CAPF using the configured authentication method. • The phone generates its public-private key pair. • The phone forwards its public key to CAPF in a signed message. • The private key remains in the phone and never gets exposed externally. • CAPF signs the phone certificate and sends the certificate to the phone in a signed message. Be aware that the phone user can abort the certificate operation or view the operation status on the phone. Note Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 82 Basic System Security Run Stale LSC Report