Cisco TelePresence Administrator's Manual page 73
Video communication server
Hide thumbs
Also See for TelePresence:
- Administrator's manual (498 pages) ,
- Manual (24 pages) ,
- Specifications (7 pages)
Table of Contents
Advertisement
Unified Communications
To generate a CSR and /or to upload a server certificate to the VCS, go to
l
certificates > Server
2. Install on both VCSs the trusted Certificate Authority (CA) certificates of the authority that signed the
VCS's server certificates, and, if appropriate, the authority that signed the endpoints' certificates. The
VCS Control must also trust the Unified CM and IM&P tomcat certificate.
To upload trusted Certificate Authority (CA) certificates to the VCS, go to
certificates > Trusted CA
take effect.
VCS Control server certificate requirements
The VCS Control server certificate needs to include the following elements in its list of subject alternate
names:
The Chat Node Aliases that are configured on the IM and Presence servers. These are required only for
n
Unified Communications XMPP federation deployments that intend to use both TLS and group chat. (Note
that Unified Communications XMPP federation will be supported in a future VCS release).
The VCS Control automatically includes the chat node aliases in the CSR, providing it has discovered a
set of IM&P servers.
The names, in FQDN format, of all of the Phone Security Profiles in Unified CM that are configured for
n
encrypted TLS and are used for devices requiring remote access. This ensures that Unified CM can
communicate with VCS Control via a TLS connection when it is forwarding messages from devices that
are configured with those security profiles.
A new certificate may need to be produced if chat node aliases are added or renamed, such as when an IM
and Presence node is added or renamed, or if new TLS phone security profiles are added. You must restart
the VCS Control for any new uploaded server certificate to take effect.
VCS Expressway server certificate requirements
The VCS Expressway server certificate needs to include the following elements in its list of subject alternate
names:
All of the domains which have been configured for Unified Communications. They are required for secure
n
communications between endpoint devices and VCS Expressway.
This should include the email address domain entered by users of the client application (e.g. Jabber) and
any presence domains (as configured on the VCS Control) if they are different. There is no need to include
the domains in DNS-SEC deployments.
The same set of Chat Node Aliases as entered on the VCS Control's certificate, if you are deploying
n
federated XMPP.
Note that the list of required aliases can be viewed (and copy-pasted) from the equivalent
page on the VCS Control.
A new certificate must be produced if new presence domains or chat node aliases are added to the system.
You must restart the VCS Expressway for any new uploaded server certificate to take effect.
See
Certificate Creation and Use With VCS Deployment Guide
upload the VCS's server certificate and how to upload a list of trusted certificate authorities.
Cisco VCS Administrator Guide (X8.1.1)
certificate. You must restart the VCS for the new server certificate to take effect.
certificate. You must restart the VCS for the new trusted CA certificate to
Configuring mobile and remote access on VCS
Maintenance > Security
Maintenance > Security
for full information about how to create and
Generate CSR
Page 73 of 507
Advertisement
Table of Contents
Related Manuals for Cisco TelePresence
Related Products for Cisco TelePresence
- Cisco TelePresence Video Communication Server
- Cisco TD 92322GB
- Cisco TS MSE 8710
- Cisco TELEPRESENCE CALL DETAIL RECORDS FILE FORMAT -
- Cisco TELEPRESENCE MCU ACCESSING CONFERENCES -
- Cisco TelePresence System Codec C90: Profile 65"
- Cisco TELEPRESENCE MANAGEMENT SUITE
- Cisco TelePresence VX Clinical Assistant