Cisco Cisco Unified Contact Center Enterprise 8.5(1)

/certhash: specifies the SHA-1 thumbprint of the certificate; required only when binding a 
specific certificate, which exists in the certificate store, to a port. 

/logpath: specifies the path where the log file should be created; by default it is the 
current folder. 

The following table explains each task: 

CreateAndBindCert

 

Creates a self signed certificate in the local computer personal 
certificate store and binds it with HTTP service on the given port. 

[Used by ICM-CCE-CCH Install]

 

BindCertFromStore

 

Looks up the certificate provided by /certhash argument in 
certificate store and binds it with the HTTP service on the given 
port.

 

UnbindCert

 

Removes the certificate binding from the specified port, does not 
modify any certificate in the store

 

UnbindAndDeleteCert

 

Removes the certificate binding from the specified port. Also, 
deletes the self signed certificate created by CreateAndBindCert 
option. 

[Used by ICM-CCE-CCH Uninstall] 

ValidateCertBinding    

 

Verifies the certificate binding on the specified port and confirms 
its presence in the local computer certificate store. 

Diagnostic Framework Certificate Manager utility stores the thumbprint (SHA-1 hash) of the 
self signed certificate created by the utility and the certificate used by the Diagnostic 
Framework service in the registry at the following location respectively: 

HKLM\SOFTWARE\Cisco Systems, Inc.\ICM\Serviceability\ 
DiagnosticFramework\SelfSignedCertCreatedForDiagFwSvc 

HKLM\SOFTWARE\Cisco Systems, Inc.\ICM\Serviceability\ 
DiagnosticFramework\CertUsedByDiagFwSvc  

Unless the certificate used by the service is changed manually, both registry values will be 
the same.