Cisco Cisco TelePresence Video Communication Server Expressway
Appendix 2: Additional information
Certificates for TLS
For the VCS to connect to the LDAP server over TLS, it must have a root CA certificate loaded that
authorizes the LDAP server’s server certificate.
authorizes the LDAP server’s server certificate.
In large organizations the IT department will be able to provide relevant certificate information. Details on how
to process the supplied certificate, and how to create the root CA certificate using an OCS server are
described in
to process the supplied certificate, and how to create the root CA certificate using an OCS server are
described in
.
If a root CA certificate is already loaded that is required for other purposes, this new root CA certificate
should be concatenated with the other root CA certificate (Trusted CA certificate) and the single file
containing the two certificates uploaded to VCS.
should be concatenated with the other root CA certificate (Trusted CA certificate) and the single file
containing the two certificates uploaded to VCS.
Note that the server address entered on the
LDAP configuration
page on the VCS must match the CN
(common name) contained within the certificate presented by the LDAP server.
Use with VCS clusters
All LDAP configuration is replicated across cluster peers, however the DNS server is configurable
independently on each VCS peer. Make sure each peer references a DNS server that can lookup the LDAP
server and (if SASL is enabled) can perform a reverse lookup of the LDAP server IP address.
independently on each VCS peer. Make sure each peer references a DNS server that can lookup the LDAP
server and (if SASL is enabled) can perform a reverse lookup of the LDAP server IP address.
Cisco TelePresence Authenticating Cisco VCS Accounts Using LDAP Deployment Guide (X8.2)
Page 12 of 20
Appendix 2: Additional information