Configure Certificates for an On-Premises Deployment
Certificates are required for each service to which the Jabber clients connect.
Procedure
Command or Action | Purpose | |
---|---|---|
Step 1 |
If you have Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence Service, download the applicable HTTP (tomcat) and XMPP certificates. |
For more information, see the Security Configuration on IM and Presence Service chapter in Configuration and Administration of IM and Presence Service on Cisco Unified Communications Manager. |
Step 2 |
Download the HTTPS (tomcat) certificate for Cisco Unified Communications Manager and Cisco Unity Connection. |
For more information, see the Cisco Unified Communications Manager Security Guide and the Cisco Unified Communications Operating System Administration Guide found here. |
Step 3 |
Download the HTTP (tomcat) for Webex Meetings Server. |
For more information, see the Cisco Webex Meetings Server Administration Guide found here. |
Step 4 |
If you plan to configure remote access, download the Cisco VCS Expressway and Cisco Expressway-E Server certificate. The Server certificate is used for both HTTP and XMPP. |
For more information, see Configuring Certificates on Cisco VCS Expressway. |
Step 5 |
Generate a Certificate Signing Request (CSR). |
|
Step 6 |
Upload the certificate to the service. |
If you use a multiserver SAN, you only need to upload a certificate to the service once per cluster per tomcat certificate and once per cluster per XMPP certificate. If you do not use a multiserver SAN, then you must upload the certificate to the service for every Cisco Unified Communications Manager node. |
Step 7 |
To ensure that certificate validation occurs without users receiving a prompt to accept or decline certificates, deploy certificates to the local certificate store of the clients. |