Cisco Cisco Expressway
■
IM and Presence chat node aliases (federated group chat): the Chat Node Aliases (e.g.
chatroom1.example.com) that are configured on the IM and Presence servers. These are required only for
Unified Communications XMPP federation deployments that intend to support group chat over TLS with
federated contacts.
chatroom1.example.com) that are configured on the IM and Presence servers. These are required only for
Unified Communications XMPP federation deployments that intend to support group chat over TLS with
federated contacts.
The Expressway-C automatically includes the chat node aliases in the CSR, providing it has discovered a set
of IM&P servers.
of IM&P servers.
We recommend that you use DNS format for the chat node aliases when generating the CSR. You must
include the same chat node aliases in the Expressway-E server certificate's alternative names.
include the same chat node aliases in the Expressway-E server certificate's alternative names.
Figure 1 Entering subject alternative names for security profiles and chat node aliases on the
Expressway-C's CSR generator
Expressway-C's CSR generator
Expressway-E server certificate requirements
The Expressway-E server certificate needs to include the following elements in its list of subject alternate names:
■
Unified CM registrations domains: all of the domains which are configured on the Expressway-C for Unified
CM registrations. They are required for secure communications between endpoint devices and Expressway-E.
CM registrations. They are required for secure communications between endpoint devices and Expressway-E.
Select the DNS format and manually specify the required FQDNs. Separate the FQDNs by commas if you need
multiple domains. You may select CollabEdgeDNS format instead, which simply adds the prefix
multiple domains. You may select CollabEdgeDNS format instead, which simply adds the prefix
collab-edge.
to the domain that you enter. This format is recommended if you do not want to include your top level domain
as a SAN (see example in following screenshot).
as a SAN (see example in following screenshot).
■
XMPP federation domains: the domains used for point-to-point XMPP federation. These are configured on
the IM&P servers and should also be configured on the Expressway-C as domains for XMPP federation.
the IM&P servers and should also be configured on the Expressway-C as domains for XMPP federation.
Select the DNS format and manually specify the required FQDNs. Separate the FQDNs by commas if you need
multiple domains. Do not use the XMPPAddress format as it may not be supported by your CA, and may be
discontinued in future versions of the Expressway software.
multiple domains. Do not use the XMPPAddress format as it may not be supported by your CA, and may be
discontinued in future versions of the Expressway software.
■
IM and Presence chat node aliases (federated group chat): the same set of Chat Node Aliases as entered
on the Expressway-C's certificate. They are only required for voice and presence deployments which will
support group chat over TLS with federated contacts.
on the Expressway-C's certificate. They are only required for voice and presence deployments which will
support group chat over TLS with federated contacts.
Note that you can copy the list of chat node aliases from the equivalent Generate CSR page on the
Expressway-C.
Expressway-C.
10
Cisco Expressway Certificate Creation and Use Deployment Guide
Server Certificate Requirements for Unified Communications