Cisco Cisco Customer Voice Portal 8.0(1)
Obtaining and Deploying Certificate Authority Signed Certificates
Follow the steps described in this section to:
•
Generate a Certificate Signing Request.
•
Obtain the signed certificate.
•
Import the signed certificates on all machines managed by the Unified CVP Operations
Console.
Console.
How to Add a Certificate Signed by a Certificate Authority to the Keystore
Follow the steps below to generate and import CA-signed certificates for secure communications
between the Operations Console and the CVP ResourceManager on other devices in your Unified
CVP solution.
between the Operations Console and the CVP ResourceManager on other devices in your Unified
CVP solution.
Notes:
•
This section does not discuss how to accommodate HTTPS connections to the Operations
Console; for information on that topic, see the "
Console; for information on that topic, see the "
•
The
keytool
commands shown below use the JRE relative path for the Windows platform.
For AIX, keytool can be found in
$WAS_HOME/java/bin
.
•
If you have already exchanged certificates to secure Unified CVP device communications,
that process must be repeated after importing the signed certificates.
that process must be repeated after importing the signed certificates.
Step 1
Retrieve the keystore password from the
security.properties
file.
Step 2
Generate a Certificate Signing Request (CSR).
a.
From the %CVP_HOME%\conf\security directory, enter the following:
..\..\jre\bin\keytool -keystore .keystore -storetype JCEKS -certreq
-keyalg RSA -sigalg MD5withRSA -alias orm_certificate -file
ormcertreq.csr
b.
When prompted, enter the keystore password.
Step 3
Send the ormcertreq.csr certificate file to a Certificate Authority (CA) for sign-off. Once the
certificate is signed, it will be returned with a root certificate of a CA and, depending on the
signing CA, some optional intermediate certificates.
certificate is signed, it will be returned with a root certificate of a CA and, depending on the
signing CA, some optional intermediate certificates.
Step 4
Install the signed certificate into keystore.
a.
Enter the following command to install the Intermediate CA Certificates (if any):
Configuration and Administration Guide for Cisco Unified Customer Voice Portal Release 4.1(1)
248
Chapter 6: - Configuring and Modifying Unified CVP Security
Securing Communications Between Unified CVP Components