Cisco Cisco IPCC Web Option Release Note
authorizing CA is not in the list, the browser asks the user to choose whether to accept or decline
the connection.
the connection.
Install the standalone SSL Encryption Utility on the AW Real-time Distributor (in the AW
Program Group) and the WebView Server (in the /icm/bin directory). This enables you to change
the default SSL settings (implemented by Setup). This utility contains the functionality to
regenerate the self-signed certificate and replace the IIS installed certificate as needed.
Program Group) and the WebView Server (in the /icm/bin directory). This enables you to change
the default SSL settings (implemented by Setup). This utility contains the functionality to
regenerate the self-signed certificate and replace the IIS installed certificate as needed.
Internet Script Editor Client
While Cisco supported SSL on Windows 2000 for previous versions of ICM, HTTP was setup
as the default connection using port 80. If the client required an SSL connection (using port
443), the server had to be manually configured, the certificate setup on the server, and the
encrypted flag had to be set on the ISE client. In addition, the ISE client did not check to see if
the certificate was valid or not.
as the default connection using port 80. If the client required an SSL connection (using port
443), the server had to be manually configured, the certificate setup on the server, and the
encrypted flag had to be set on the ISE client. In addition, the ISE client did not check to see if
the certificate was valid or not.
With ICM/IPCC release 7.0(0) on Windows 2003, ICM setup now configures the SSL connection
(using port 443) by default and sets up the certificate on the ISE server (the Distributor AW).
(using port 443) by default and sets up the certificate on the ISE server (the Distributor AW).
For an ICM/IPCC release 7.0(0) system on Windows 2000, ICM setup does not configure an
SSL connection or setup the certificate. If you areinstalling a new ISE client, an HTTPS
connection is configured by default.
SSL connection or setup the certificate. If you areinstalling a new ISE client, an HTTPS
connection is configured by default.
An upgraded ISE client uses the connection that was previously configured. During upgrades,
if you decide to keep the client at Windows 2000, the client always uses the default port setting
(80) unless communications fail then both the server and the client communicate using HTTPS
(still using port 80 - no change).
if you decide to keep the client at Windows 2000, the client always uses the default port setting
(80) unless communications fail then both the server and the client communicate using HTTPS
(still using port 80 - no change).
When the ISE client connects to the server, one of the following occurs.
1. If the encrypted flag is not set:
–
The client starts with setting up an HTTP connection.
If the client successfully connects to the server, it sents the user account and password
in plain text. It then establishes the session with the server via HTTP.
in plain text. It then establishes the session with the server via HTTP.
If the client cannot connect to the server, it fails over and tries to connect to the server
via HTTPS. If the HTTPS connection is setup successfully, the client sends the
encrypted user account and password. It also sets the encrypted flag in the registry
so that the next time it will use HTTPS.
via HTTPS. If the HTTPS connection is setup successfully, the client sends the
encrypted user account and password. It also sets the encrypted flag in the registry
so that the next time it will use HTTPS.
–
After the HTTPS connection is established, the server sends the certificate to the
client. The client presents the certificate prompt, unless it has been previously saved
locally.
client. The client presents the certificate prompt, unless it has been previously saved
locally.
ICM Scripting and Media Routing Guide Cisco ICM/IPCC Enterprise & Hosted Editions Release 7.0(0)
173
Chapter 10: Internet Script Editor (ISE)
Secure Socket Layer (SSL) Requirements for ISE