Cisco Cisco Unified Customer Voice Portal 11.0(1)
Tomcat users must follow the steps below to present a CA-signed certificate to inbound HTTPS
clients.
clients.
Step 1
Access the OpenSSL command line.
Note: You must first install OpenSSL (http://www.openssl.org), as it is not included with Unified
CVP. Refer to the OpenSSL documentation for details.
CVP. Refer to the OpenSSL documentation for details.
Step 2
Generate a Certificate Signing Request (CSR) by entering the following command:
openssl req -new -key xxxx.key -out xxxx.csr
Step 3
Send the xxxx.csr certificate file to a Certificate Authority (CA) for sign-off. Once the certificate
is signed, it will be returned with a root certificate of a CA.
is signed, it will be returned with a root certificate of a CA.
Step 4
Replace the original xxxx.crt file with the signed certificate.
Step 5
Restart the CVP server to apply the new signed certificate.
Using WebSphere to Present CA-signed Certificates to Inbound HTTPS Clients
WebSphere users must follow the steps below to present a CA-signed certificate to inbound
HTTPS clients.
HTTPS clients.
Step 1
Run IBM's ikeyman utility to create a keystore: C:\Program
Files\IBM\HTTPServer\bin\ikeyman.bat.
Files\IBM\HTTPServer\bin\ikeyman.bat.
Create a new Key database file:
•
Select Key Database File > New.
•
Database type: CMS
•
Filename: key.kdb
•
Location: C:\Program Files\IBM\HTTPServer\keys
Note: The "keys" directory will have to be explicitly created if it does not exist. Keystore will
prompt for password and expiration information. Check off creates a Stash file.
prompt for password and expiration information. Check off creates a Stash file.
Configuration and Administration Guide for Cisco Unified Customer Voice Portal Release 4.1(1)
254
Chapter 6: - Configuring and Modifying Unified CVP Security
HTTPS Support for Unified CVP