McDewey

The system does not distribute trust certificates to other cluster node automatically. If you must have the same certificate on more than one node, you must upload the certificate to each node individually. Note Upload Certificate or Certificate Chain Step 1 Navigate to Security > Certificate Management. The Certificate List window appears. Step 2 Click Upload Certificate or Certificate Chain. The Upload Certificate or Certificate Chain dialog box opens. Step 3 Select the certificate name from the Certificate Purpose list. Step 4 Select the file to upload by performing one of the following steps: • In the File Upload text box, enter the path to the file, or • Click the Browse button and navigate to the file; then, click Open. Cisco Unified CCX supports Privacy Enhanced Mail (PEM) Base64 encoded format of X.509 certificate (only one PEM certificate in a file), Distinguished Encoding Rules (DER) format of X509 Certificate and DER format of PKCS#7 (Public-Key Cryptography Standards) Certificate Chain. The system does not support PEM format of PKCS#7 Certificate Chain. Step 5 Click the Upload button to upload the file to the server. After you upload a certificate, you must restart the Unified CCX server. In the case of high availability deployments, restart both the nodes. Note Directory Trust Certificate Uploading a Directory Trust Certificate is not applicable for Unified CCX. Note Obtain Third-Party CA Certificates Cisco Unified Operating System supports certificates that a third-party Certificate Authority (CA) issues with PKCS # 10 Certificate Signing Request (CSR). The following table provides an overview of this process, with references to more documentation: Step 1 Generate a CSR on the server. See Generate Certificate Signing Request, on page 25. Step 2 Download the CSR to your PC. See Download Certificate Signing Request, on page 25. Cisco Unified Operating System Administration Guide for Cisco Unified CCX and Cisco Unified IP IVR, Release 12.5(1) SU3 24 Security Upload Certificate or Certificate Chain