Cisco Cisco TelePresence Management Suite (TMS) Version 15 Maintenance Manual
g. Select Personal Information Exchange - PKCS #12 (.PFX)
h. Click Next and finish the procedure.
h. Click Next and finish the procedure.
2. Export the public key:
a. Double-click the TMS certificate.
b. Click the
b. Click the
Details
tab.
c. Click the Copy to File button.
d. Select No.
d. Select No.
Do not export the private key.
e. Select Base-64 encoded X.509 (.CER).
f. Click Next and finish the procedure.
3. Give the certificate to the WebEx SSO team to enable SSO for your WebEx site.
Generating a certificate using OpenSSL
1. Generate a private key using the following command:
openssl genrsa -out tms-privatekey.pem 2048
2. Generate a certificate signing request (CSR) using the private key above:
openssl req -new -key tms-privatekey.pem -config openssl.cfg -out tms-
certcsr.pem
3. Enter the data requested, including:
l
Country
l
State or province
l
Organization name
l
Organization unit
l
Common name (this is Cisco TMS FQDN (Fully Qualified Domain Name))
l
(Optional) Email address, password, company name
4. Send the TMS certificate signing request file, tms-certcsr.pem to be signed by a well-known certificate
authority (CA) or a self-created certificate authority such as OpenSSL or Windows CA.
You should receive the signed certificate, tms-cert.der back from the CA.
You should receive the signed certificate, tms-cert.der back from the CA.
5. Convert the signed certificate from .der to .pem using the following OpenSSL command:
openssl x509 -inform der -in tms-cert.cer -out tms-cert.pem
6. Combine the signed certificate .pem with the private key:
openssl pkcs12 -export -inkey tms-privatekey.pem -in tms-cert.pem -out
tms-cert-key.p12 -nametms-cert-key
You now have a Cisco TMS certificate that contains the private key for SSO configuration to upload to Cisco
TMS
TMS
Administration Tools > Configuration > WebEx Settings
.
Setting up SSO and installing the certificate
In this section you need to collaborate with the WebEx Cloud Service Team. The cloud services team
provisions (creates) your WebEx site. For SSO configuration, cloud services is responsible for configuring
SSO and uploading the certificate provided by the Cisco TMS administrator for your WebEx site.
provisions (creates) your WebEx site. For SSO configuration, cloud services is responsible for configuring
SSO and uploading the certificate provided by the Cisco TMS administrator for your WebEx site.
Before configuring SSO in Cisco TMS, you must request the following information from the Webex Cloud
Services team configure it in both Cisco TMS and in the WebEx cloud:
Services team configure it in both Cisco TMS and in the WebEx cloud:
Cisco TMS Administrator Guide (14.3.1)
Page 35 of 342
Setting up Cisco TMS
Setting up WebEx Single Sign On