CUCM 6 w/ Secure LDAP

jezg76 Member Posts: 97
I am stuck on this and am finding the documentation to be quite scarce on this subject. I have a VM'd CUCM 6.0 box trying to establish Secure LDAP with a Windows Server 2003 DC acting as a CA. I have exported and imported certs, but always get the following error when attempting to fully synchronize. Normal LDAP works wonderfully:
Error while Connecting to ldap://172.16.10.10:636, javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

I have exported CallManager.der and tomcast_cert.der and tried importing them into the DC.

I have uploaded the root cert from the DC onto the CUCM Server.

I have tried following the Help with this topic as follows, but am finding a few of the steps somewhat vague:
Using Third-Party CA Certificates

Cisco Unified Communications Operating System supports certificates that a third-party Certificate Authority (CA) issues with PKCS #10 Certificate Signing Request (CSR). The following table provides an overview of this process, with references to additional documentation:

| Step | Task | For More Information |
|---|---|---|
| Step 1 | Generate a CSR on the server. | See the Generating a Certificate Signing Request topic. |
| Step 2 | Download the CSR to your PC. | See the Download a Certificate Signing Request topic. |
| Step 3 | Use the CSR to obtain an application certificate from a CA. | Get information about obtaining application certificates from your CA. See Obtaining Third-Party CA Certificates topic for additional notes. |
| Step 4 | Obtain the CA root certificate. | Get information about obtaining a root certificate from your CA. See Obtaining Third-Party CA Certificates topic for additional notes. |
| Step 5 | Upload the CA root certificate to the server. | See the Upload a Certificate topic. |
| Step 6 | Upload the application certificate to the server. | See the Upload a Certificate topic. |
| Step 7 | If you updated the certificate for CAPF or Cisco Unified Communications Manager, generate a new CTL file. | See the Cisco Unified Communications Manager Security Guide. |
| Step 8 | Restart the services that are affected by the new certificate. | For all certificate types, restart the corresponding service (for example, restart the Tomcat service if you updated the Tomcat certificate). In addition, if you updated the certificate for CAPF or Cisco Unified Communications Manager, restart the TFTP service. See the Cisco Unified Communications Manager Serviceability Administration Guide for information about restarting services. |

I definitely am a bit over my head on this, but hey, it's for testing porpoises[sic]. :)

If anyone has any good documentation on what I am trying to do, I would be ecstatic.

Thanks and have a great weekend!
policy-map type inspect TACO
class type inspect BELL
drop log