Cisco Systems ASA 5580 Manual De Usuario
15-21
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 15 Using the Cisco Unified Communication Wizard
Configuring the UC-IME by using the Unified Communication Wizard
Configuring the Local-Side Certificates for the Cisco Intercompany Media
Engine Proxy
Engine Proxy
Completing this step of the wizard generates a self-signed certificate for the ASA. The server proxy
certificate is automatically generated using the subject name provided in an earlier step of this wizard.
certificate is automatically generated using the subject name provided in an earlier step of this wizard.
The wizard supports using self-signed certificates only.
A trusted relationship between the ASA and the Cisco UMA server can be established with self-signed
certificates. The certificates are used by the security appliance and the Cisco UCMs to authenticate each
other, respectively, during TLS handshakes.
certificates. The certificates are used by the security appliance and the Cisco UCMs to authenticate each
other, respectively, during TLS handshakes.
The ASA's identity certificate is exported, and then needs to be installed on each Cisco Unified
Communications Manager (UCM) server in the cluster with the proxy and each identity certificate from
the Cisco UCMs need to be installed on the security appliance.
Communications Manager (UCM) server in the cluster with the proxy and each identity certificate from
the Cisco UCMs need to be installed on the security appliance.
This step in the Unified Communications Wizard only appears when the UC-IME proxy that you are
creating has at least one secure Cisco Unified Communications Manager server defined. See
creating has at least one secure Cisco Unified Communications Manager server defined. See
Step 1
In the ASA’s Identity Certificate area, click Generate and Export ASA’s Identity Certificate.
An information dialog boxes appear indicating that the enrollment seceded. In the Enrollment Status
dialog box, click OK. The Export certificate dialog box appears.
dialog box, click OK. The Export certificate dialog box appears.
Note
•
If an identity certificate for the ASA has already been created, the button in this area appears as
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.
•
When using the wizard to configure the Cisco Intercompany Media Engine Proxy, the wizard only
supports installing self-signed certificates.
supports installing self-signed certificates.
Step 2
Export the identity certificate generated by the wizard for the ASA. See
Step 3
In the Local Unified CM’s Certificate area, click Install Local Unified CM’s Certificate. The Install
Certificate dialog appears.
Certificate dialog appears.
Step 4
Locate the file containing the certificate from the Cisco Unified Communications Manager server or
paste the certificate details in the dialog box. See
paste the certificate details in the dialog box. See
. You must install
the certificate from each Cisco Unified Communications Manager server in the cluster.
Step 5
Click Next.
Note
See the Cisco Intercompany Media Engine server documentation for information on how to export the
certificate for this server.
certificate for this server.