Cisco Cisco Customer Voice Portal 8.0(1)

Private key for self-signed certificate: %CVP_HOME%\conf\security\xxxx.key

where xxxx represents the key and the certificate files. Call Server key and certificate files will
be named callserver.key and callserver.crt. VXML Server key and certificate files will be named
vxml.key and vxml.crt.

Tomcat users must follow the steps below to present a CA-signed certificate to inbound HTTPS
clients.

Access the OpenSSL command line.

Note: You must first install OpenSSL (http://www.openssl.org), as it is not included with Unified
CVP. Refer to the OpenSSL documentation for details.

Generate a Certificate Signing Request (CSR) by entering the following command:

openssl req -new -key xxxx.key -out xxxx.csr

Send the xxxx.csr certificate file to a Certificate Authority (CA) for sign-off. Once the certificate
is signed, it will be returned with a root certificate of a CA.

Replace the original xxxx.crt file with the signed certificate.

Restart the CVP server to apply the new signed certificate.

Using WebSphere to Present CA-signed Certificates to Inbound HTTPS Clients

WebSphere users must follow the steps below to present a CA-signed certificate to inbound
HTTPS clients.

Run IBM's ikeyman utility to create a keystore: C:\Program
Files\IBM\HTTPServer\bin\ikeyman.bat.

Create a new Key database file:

•

Select Key Database File > New.

•

Database type: CMS

•

Filename: key.kdb

•

Location: C:\Program Files\IBM\HTTPServer\keys

Note: The "keys" directory will have to be explicitly created if it does not exist. Keystore will
prompt for password and expiration information. Check off creates a Stash file.

Create a new Certificate Request in ikeyman by selecting Create > New Certificate Request.

•

Key Label: <hostname>

Configuration and Administration Guide for Cisco Unified Customer Voice Portal Release 8.0(1)