Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
You must select the DNS format and manually specify the required FQDNs. Separate the FQDNs by
commas if you need multiple domains. Do not use the SRVName format as it may not be supported by
your CA, and may be discontinued in future versions of the VCS software.
You may prefix the domain name with collab-edge. if you do not wish to include the top level domain
as a SAN (see example in following screenshot).
commas if you need multiple domains. Do not use the SRVName format as it may not be supported by
your CA, and may be discontinued in future versions of the VCS software.
You may prefix the domain name with collab-edge. if you do not wish to include the top level domain
as a SAN (see example in following screenshot).
n
XMPP federation domains: the domains used for point-to-point XMPP federation. These are configured
on the IM&P servers and should also be configured on the VCS Control as domains for XMPP federation.
You must select the DNS format and manually specify the required FQDNs. Separate the FQDNs by
commas if you need multiple domains. Do not use the XMPPAddress format as it may not be supported
by your CA, and may be discontinued in future versions of the VCS software.
on the IM&P servers and should also be configured on the VCS Control as domains for XMPP federation.
You must select the DNS format and manually specify the required FQDNs. Separate the FQDNs by
commas if you need multiple domains. Do not use the XMPPAddress format as it may not be supported
by your CA, and may be discontinued in future versions of the VCS software.
n
IM and Presence chat node aliases (federated group chat): the same set of Chat Node Aliases as
entered on the VCS Control's certificate. They are only required for voice and presence deployments
which will support group chat over TLS with federated contacts.
You must select the DNS format and manually specify the required FQDNs. Separate the FQDNs by
commas if you need multiple domains. Do not use the XMPPAddress format as it may not be supported
by your CA, and may be discontinued in future versions of the VCS software.
Note that the list of required aliases can be viewed (and copy-pasted) from the equivalent
entered on the VCS Control's certificate. They are only required for voice and presence deployments
which will support group chat over TLS with federated contacts.
You must select the DNS format and manually specify the required FQDNs. Separate the FQDNs by
commas if you need multiple domains. Do not use the XMPPAddress format as it may not be supported
by your CA, and may be discontinued in future versions of the VCS software.
Note that the list of required aliases can be viewed (and copy-pasted) from the equivalent
Generate CSR
page on the VCS Control.
Figure 11: Entering subject alternative names for Unified CM registration domains, XMPP federation
domains, and chat node aliases, on the VCS Expressway's CSR generator
domains, and chat node aliases, on the VCS Expressway's CSR generator
Managing certificate revocation lists (CRLs)
Certificate revocation list (CRL) files are used by the VCS to validate certificates presented by client
browsers and external systems that communicate with the VCS over TLS/HTTPS. A CRL identifies those
certificates that have been revoked and can no longer be used to communicate with the VCS.
browsers and external systems that communicate with the VCS over TLS/HTTPS. A CRL identifies those
certificates that have been revoked and can no longer be used to communicate with the VCS.
We recommend that you upload CRL data for the CAs that sign TLS/HTTPS client and server certificates.
When enabled, CRL checking is applied for every CA in the chain of trust.
When enabled, CRL checking is applied for every CA in the chain of trust.
CRL sources
The VCS can obtain CRL information from multiple sources:
Cisco TelePresence Video Communication Server Administrator Guide (X8.5.1)
Page 328 of 563
Maintenance
About security certificates