Cisco Cisco Unified Customer Voice Portal 11.0(1)
a.
Retrieve the keystore password from the
security.properties
file (resides in the
%CVP_HOME%\conf directory) on the Operations Console service.
b.
Export the certificate from the keystore on the Operations Console Server. Open a command
prompt and navigate to the %CVP_HOME%\conf\security directory, then enter the
following command:
prompt and navigate to the %CVP_HOME%\conf\security directory, then enter the
following command:
.\..\jre\bin\keytool -export -v -keystore .keystore -storetype JCEKS
-alias oamp_certificate -file <oamp_cert_XXX>
Where the file argument in <> (angle brackets) is user-defined and unique.
Note: Do not modify the oamp_certificate alias name.
When prompted, enter the keystore password.
c.
Copy the exported certificate file <oamp_cert_XXX> from the Operations Console service
to the %CVP_HOME%\conf\security folder on the machine where the Unified CVP
Resource Manager service is running.
to the %CVP_HOME%\conf\security folder on the machine where the Unified CVP
Resource Manager service is running.
d.
Retrieve the keystore password from the
security.properties
file on the managed
Unified CVP device.
e.
For Windows, import the Operations Console certificate <oamp_cert_XXX> into the
keystore on the managed Unified CVP device. Open a command prompt and navigate to
the %CVP_HOME%\conf\security directory, then enter the following command:
keystore on the managed Unified CVP device. Open a command prompt and navigate to
the %CVP_HOME%\conf\security directory, then enter the following command:
..\..\jre\bin\keytool -import -keystore .keystore -storetype JCEKS
-trustcacerts -alias <orm_oamp_certificate> -file <oamp_cert_XXX>
Where the alias argument in <> (angle brackets) is user-defined and unique, and the file argument
in <> (angle brackets) is the exported Operations Console certificate filename.
in <> (angle brackets) is the exported Operations Console certificate filename.
When prompted, enter the keystore password and then enter
yes
to confirm.
f.
For AIX, import the Operations Console certificate oamp_cert_XXX into the keystore on
the managed Unified CVP device. Open a command prompt and navigate to the
%CVP_HOME%\conf\security directory, then enter the following command:
the managed Unified CVP device. Open a command prompt and navigate to the
%CVP_HOME%\conf\security directory, then enter the following command:
$WAS_HOME/java/bin/keytool -import -keystore .keystore -storetype JCEKS
-trustcacerts -alias <orm_oamp_certificate> -file <oamp_cert_XXX>
Where the alias argument in <> (angle brackets) is user-defined and unique, and the file argument
in <> (angle brackets) is the exported Operations Console certificate filename.
in <> (angle brackets) is the exported Operations Console certificate filename.
g.
Repeat these steps for every machine where the Unified CVP Resource Manager service
is running if the JMX communication from the Operations Server to that managed Unified
CVP device needs to be secured.
is running if the JMX communication from the Operations Server to that managed Unified
CVP device needs to be secured.
Step 2
Import the managed Unified CVP device certificate as trusted in the keystore on the Operations
Console Server:
Console Server:
Configuration and Administration Guide for Cisco Unified Customer Voice Portal Release 4.1(1)
245
Chapter 6: Configuring and Modifying Unified CVP Security
Securing Communications Between Unified CVP Components