Security Certificate Configuration for IM and Presence Service



Similar documents
etoken Enterprise For: SSL SSL with etoken

Setting Up SSL on IIS6 for MEGA Advisor

Security certificate management

Exchange 2010 PKI Configuration Guide

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Secure IIS Web Server with SSL

Wavecrest Certificate

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

Generating an Apple Push Notification Service Certificate

Application Notes for Microsoft Office Communicator Clients with Avaya Communication Manager Phones - Issue 1.1

ECA IIS Instructions. January 2005

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

e-cert (Server) User Guide For Microsoft IIS 7.0

Set Up Certificate Validation

Creating the Certificate Request

Load Balancer Configuration for Redundancy for SIP Federation

DMZ Server monitoring with

Using Microsoft s CA Server with SonicWALL Devices

How to Obtain an APNs Certificate for CA MDM

Microsoft OCS with IPC-R: SIP (M)TLS Trunking. directpacket Product Supplement

Using a custom certificate for SSL inspection

WHITE PAPER Citrix Secure Gateway Startup Guide

CLIENT CERTIFICATE (EAP-TLS USE)

Junio SSL WebLogic Oracle. Guía de Instalación. Junio, SSL WebLogic Oracle Guía de Instalación CONFIDENCIAL Página 1 de 19

SSL Interception on Proxy SG

Using Internet or Windows Explorer to Upload Your Site

How to Reinstall SQL Server 2005

mailtunnel Quick Guide ENCRYPTED TUNNEL COMENDO DATA CENTER SECURITY CENTER SPAM+VIRUS LOGS

HP Device Manager 4.7

Using CertAgent to Obtain Domain Controller and Smart Card Logon Certificates for Active Directory Authentication

SolarWinds Technical Reference

Configuring a Windows 2003 Server for IAS

+27O.557+! RM Auditor Additions - Web Monitor. Contents

Configuring Windows 7 to Use Encrypted (WPA-E) Wireless Services a...

ASA 8.x Manually Install 3rd Party Vendor Certificates for use with WebVPN Configuration Example

This section includes troubleshooting topics about certificates.

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

Lab 05: Deploying Microsoft Office Web Apps Server

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab

Marriott Enrollment Server for Web User Guide V1.4

BASIC CLASSWEB.LINK INSTALLATION MANUAL

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Certificate technology on Pulse Secure Access

Configure SPLM 2012 on Windows 7 Laptop

Blue Coat Security First Steps Solution for Controlling HTTPS

Step-by-step installation guide for monitoring untrusted servers using Operations Manager (Part 1 of 3)

Certificate technology on Junos Pulse Secure Access

Lab A: Deploying and Managing Software by Using Group Policy Answer Key

SSL Intercept Mode. Certificate Installation Guide. Revision Warning and Disclaimer

Troubleshooting smart card logon authentication on active directory

Browser-based Support Console

1/4/12 Installing and Configuring WebDAV on IIS 7 : WebDAV for IIS 7.0 : Publishing Content to Web Sites : T

Certificates for computers, Web servers, and Web browser users

Installation Guide. SafeNet Authentication Service

Verify LDAP over SSL/TLS (LDAPS) and CA Certificate Using Ldp.exe

Configuring Load Balancing

APNS Certificate generating and installation

e-cert (Server) User Guide For Microsoft Exchange Server 2010

To install the SMTP service:

NET UX Series with Microsoft Lync 2010 and CyberData VoIP Intercom

Deploying Microsoft Office Web Apps Server and Experiencing Collaboration Features

Implementation notes on Integration of Avaya Aura Application Enablement Services with Microsoft Lync 2010 Server.

QMX ios MDM Pre-Requisites and Installation Guide

HTTP Server Setup for McAfee Endpoint Encryption (Formerly SafeBoot) Table of Contents

IIS 6.0SSL Certificate Deployment Guide

Learning the Basics of Citrix Web Interface 4.6, Citrix Secure Gateway 3.1 and GoDaddy Wildcard SSL Certificate

Renewing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

Configuration Guide for RFMS 3.0 Initial Configuration. WiNG 5 How-To Guide. Digital Certificates. July 2011 Revision 1.0

Microsoft Exchange 2010 and 2007

ACTIVE DIRECTORY DEPLOYMENT

Using Microsoft Expression Web to Upload Your Site

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

Guide for Generating. Apple Push Notification Service Certificate

Mobility Manager 9.0. Installation Guide

How To Configure CU*BASE Encryption

Reference and Troubleshooting: FTP, IIS, and Firewall Information

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

Learn how to create web enabled (browser) forms in InfoPath 2013 and publish them in SharePoint InfoPath 2013 Web Enabled (Browser) forms

CTERA Portal Datacenter Edition

CBH Provider EDI Browser Manual

IISADMPWD. Replacement Tool v1.2. Installation and Configuration Guide. Instructions to Install and Configure IISADMPWD. Web Active Directory, LLC

Microsoft Entourage 2008 / Microsoft Exchange Server Installation and Configuration Instructions

Configuration (X87) SAP Mobile Secure: SAP Afaria 7 SP5 September 2014 English. Building Block Configuration Guide

Exchange Reporter Plus SSL Configuration Guide

1. If there is a temporary SSL certificate in your /ServerRoot/ssl/certs/ directory, move or delete it. 2. Run the following command:

Geomatica 10.2 Floating License Server Installation Procedures

Installation and Configuration Guide

AIMS Installation and Licensing Guide

App Orchestration 2.5

Scenarios for Setting Up SSL Certificates for View

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

Netrust SSL Web Server Certificate New Application Enrolment Guide

Managing Multi-Hypervisor Environments with vcenter Server

Install the Production Treasury Root Certificate (Vista / Win 7)

TechNote. Contents. Overview. Using a Windows Enterprise Root CA with DPI-SSL. Network Security

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Installing an SSL Certificate Provided by a Certificate Authority (CA) on the vwlan Appliance

INSTALLING PowerScribe Workstation Client Software On A System That Has Never Had PowerScribe Installed On It

5.6.3 Lab: Registry Backup and Recovery in Windows XP

Aspera Connect User Guide

Transcription:

Security Certificate Configuration for IM and Presence Service This topic is only applicable if you require a secure connection between IM and Presence Service and Microsoft OCS. This topic describes how to configure security certificates using a standalone CA. If you use an enterprise CA, refer to the Interdomain Federation for IM and Presence Service on Cisco Unified Communications Manager for an example of the certificate exchange procedure using an enterprise CA. Note SIP Proxy certificates (own and trust) should be X.509 version 3 compliant. Configure Standalone Root Certificate Authority (CA), page 2 Download Root Certificate from CA Server, page 2 Upload Root Certificate onto IM and Presence Service, page 3 Generate a Certificate Signing Request for IM and Presence Service, page 4 Download Certificate Signing Request from IM and Presence Service, page 4 Submit Certificate Signing Request on CA Server, page 5 Download Signed Certificate from CA Server, page 6 Upload Signed Certificate to IM and Presence Service, page 6 OL-30804-01 1

Configure Standalone Root Certificate Authority (CA) Security Certificate Configuration for IM and Presence Service Configure Standalone Root Certificate Authority (CA) Step 8 Step 9 0 1 2 3 4 5 6 7 8 9 0 1 Sign in to the CA server with Domain Administrator privileges. Insert the Windows Server 2003 CD. SelectStart > Settings > Control Panel. Double-click Add or Remove Programs. Click Add/Remove Windows Components. Select Application Server. Select Internet Information Services (IIS). Complete the installation procedure. Click Add/Remove Windows Components. Select Certificate Services. Click Next. Select Standalone root CA. Click Next. Type the name of the CA root. Note This name can be a friendly name for the CA root in the forest root. Change the time to the number of years required for this certificate. Click Next to begin installation. Select the location for the certificate database and the certificate database files. Click Next. Click Yes when prompted to stop IIS. Click Yes when prompted with a message regarding Active Server Pages. Click Finish. Download Root Certificate from CA Server, on page 2. Download Root Certificate from CA Server Configure the Standalone Root Certificate Authority. 2 OL-30804-01

Security Certificate Configuration for IM and Presence Service Upload Root Certificate onto IM and Presence Service Sign in to your CA server and open a web browser. Open the URL http://<ca_server_ip_address>/certsrv. Click on Download a CA certificate, certificate chain, or CRL. Click Base 64 for the Encoding Method. Click Download CA Certificate. Save the certificate file certnew.cer to the local disk. Troubleshooting Tips If you do not know the Subject Common Name (CN) of the root certificate, you can use an external certificate management tool to find out. On Windows operating system, you can right-click the certificate file with a.cer extension and open the certificate properties. Upload Root Certificate onto IM and Presence Service, on page 3 Configure Standalone Root Certificate Authority (CA), on page 2 Upload Root Certificate onto IM and Presence Service Download the Root Certificate from the CA Server. Copy the certnew.cer file to the local computer that you use to administer the IM and Presence Service node. Select Cisco Unified IM and Presence Operating System Administration > Security > Certificate Management. Click Upload Certificate. Select cup-trust from the Certificate Name menu. Note Leave the Root Name field blank. Click Browse. Locate the certnew.cer file on your local computer. Note You may need to change the certificate file to a.pem extension. Click Upload File. Tip Make a note of the new CA certificate filename you have uploaded to the cup-trust using the Certificate Management Find screen. This certificate filename (without the.pem or.der extension) is the value you enter in the 'Root CA' field when uploading the CA-signed SIP proxy certificate. OL-30804-01 3

Generate a Certificate Signing Request for IM and Presence Service Security Certificate Configuration for IM and Presence Service Generate a Certificate Signing Request for IM and Presence Service, on page 4 Download Root Certificate from CA Server, on page 2 Upload Signed Certificate to IM and Presence Service, on page 6 Generate a Certificate Signing Request for IM and Presence Service Upload the Root Certificate onto IM and Presence Service. Select Cisco Unified IM and Presence Operating System Administration > Security > Certificate Management. Click Generate CSR. Select cup from the Certificate Name menu. Click Generate CSR. Download Certificate Signing Request from IM and Presence Service, on page 4 Upload Root Certificate onto IM and Presence Service, on page 3 Download Certificate Signing Request from IM and Presence Service Generate a Certificate Signing Request for IM and Presence Service. 4 OL-30804-01

Security Certificate Configuration for IM and Presence Service Submit Certificate Signing Request on CA Server Select Cisco Unified IM and Presence Operating System Administration > Security > Certificate Management. Click Download CSR. Select cup from the Certificate Name menu. Click Download CSR. Click Save to save the cup.csr file to your local computer. Submit Certificate Signing Request on CA Server, on page 5 Generate a Certificate Signing Request for IM and Presence Service, on page 4 Submit Certificate Signing Request on CA Server Download the Certificate Signing Request from IM and Presence Service. Step 8 Step 9 0 Copy the certificate request file cup.csr to your CA server. Open the URL http://local-server/certserv or http://127.0.0.1/certsrv. Click Request a certificate. Click Advanced certificate request. Select Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file. Using a text editor like Notepad, open the cup self-certificate that you generated. Copy all information from and including -----BEGIN CERTIFICATE REQUEST to and including END CERTIFICATE REQUEST----- Paste the content of the certificate request into the Certificate Request text box. Click Submit. The Request ID number displays. Open Certificate Authority in Administrative Tools. The Certificate Authority window displays the request you just submitted under Pending Requests. OL-30804-01 5

Download Signed Certificate from CA Server Security Certificate Configuration for IM and Presence Service 1 2 3 Right-click on your certificate request. Select All TasksIssue. Select Issued certificates and verify that your certificate has been issued. Download Signed Certificate from CA Server, on page 6 Download Certificate Signing Request from IM and Presence Service, on page 4 Download Signed Certificate from CA Server Submit the Certificate Signing Request on the CA Server. Step 8 Open http://<local_server>/certsrv on the Windows server that CA is running on. Click View the status of a pending certificate request. Select the option to view the request that was just submitted. Click Base 64 encoded. Click Download certificate. Save the signed certificate to the local disk Rename the certificate cup.pem. Copy the cup.pem file to your local computer. Upload Signed Certificate to IM and Presence Service, on page 6 Submit Certificate Signing Request on CA Server, on page 5 Upload Signed Certificate to IM and Presence Service Download the Signed Certificate from the CA Server. 6 OL-30804-01

Security Certificate Configuration for IM and Presence Service Upload Signed Certificate to IM and Presence Service Select Cisco Unified IM and Presence Operating System Administration > Security > Certificate Management. Click Upload Certificate. Select cup from the Certificate Name menu. Specify the root certificate name. The root certificate name must contain the.pem or.der extension. Click Browse. Locate the signed cup.pem certificate on your local computer. Click Upload File. Security Certificate Configuration for Microsoft OCS Download Signed Certificate from CA Server, on page 6 OL-30804-01 7

Upload Signed Certificate to IM and Presence Service Security Certificate Configuration for IM and Presence Service 8 OL-30804-01

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information