McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 177

↗ View in doc context
page
177
source
unity-connection/v15/admin-guide/admin-guide.md
chunk_id
unity-connection::v15::admin-guide::admin-guide::159

Uploading SSL Certificates on the Cisco Unity Connection 9.x Server If you want to use SSL to encrypt data transmitted between the LDAP server and the Unity Connection server, check the Use SSL check box for each LDAP server that you configure for synchronization. To upload SSL certificates, do the following procedure. Procedure Step 1 Export the SSL certificates from the following LDAP servers: • Each LDAP server with which Unity Connection should synchronize data. • Each LDAP server that Unity Connection user should access to authenticate user sign-ins. • Each redundant LDAP server which you want Unity Connection to synchronize or authenticate. Step 2 In Cisco Unified Operating System Administration, expand Security and select Certificate Management > . Step 3 To upload the SSL certificate you exported in Step 1, do the following steps: • Select the Upload Certificate/ Certificate chain option. • Select tomcat-trust from the Certificate Purpose drop-down list. • Select Browse in the Upload File field to upload the SSL certificate. • Restart the Cisco DirSync and Cisco Tomcat services to avoid failures in LDAP synchronization and authentication. Step 4 To restart Cisco DirSync service, do the following steps: • In Cisco Unified Serviceability, expand Tools and select Service Activation. • On the Service Activation page, uncheck the Cisco DirSync service field and select Save. • Check the Cisco DirSync service field and select Save. To restart the Cisco Tomcat service, run the CLI command utils service restart Cisco Tomcat. Configuring LDAP Authentication in Unity Connection The LDAP directories supported for LDAP synchronization are also supported for LDAP authentication. LDAP authentication authenticates Unity Connection user data against the user data in the LDAP directory, so that: • Passwords that allow Unity Connection users gain single sign-on access on Unity Connection web applications, such as Cisco Unity Connection Administration and Cisco PCA. • Passwords that are required to sign in to IMAP email applications to access Unity Connection voicemails. If LDAP authentication is enabled, the web application password field does not appear in Cisco Unity Connection Administration and can only be managed from the LDAP directory. System Administration Guide 159 LDAP Uploading SSL Certificates on the Cisco Unity Connection 9.x Server