Cisco Cisco Meeting Server 1000

Cisco Meeting Server Release 2.0 : Certificate Guidelines for Scalable and Resilient Deployments

1. SSH into the MMP

2. Disable the XMPP server interface before assigning the certificate

xmpp disable

3. Assign the private key/certificate pair using the command:

xmpp certs <keyfile> <certificatefile> [<cert-bundle]

where keyfile and certificatefile are the filenames of the matching private key and
certificate . If your CA provides a certificate bundle then also include the bundle as a separate
file to the certificate.

For example:

xmpp certs xmppserver.key xmppserver.crt xmppserverbundle.crt

4. Re-enable the XMPP server interface

xmpp enable

If the certificate installs successfully on the XMPP server, the following is displayed:

SUCCESS: Domain configured
SUCCESS: Key and certificate pair match
SUCCESS: license file present
SUCCESS: XMPP server enabled

If the certificate fails to install, the following error message is displayed:

FAILURE: Key and certificate problem: certificate and key do not
match
FAILURE: XMPP server configuration not complete

If there is a problem with the certificate bundle, an error message similar to the following is
displayed:

SUCCESS: Domain configured
SUCCESS: Key and certificate pair match
FAILURE: certificate verification error: depth=x issuer= x = xx, ST =
xxxxxxx, L = xxxxxx, O = xxxxx, OU = xxxxxx, CN = xxxxxxxxx,
emailAddress = xxxxxxxx@xxxxx.xxx Verification error: unable to get
issuer certificate Failed cert:
Certificate:

Data:
Version: xx
Serial Number: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=x, ST= xxxxxxx, L= xxxxxx, O= xxxxx, OU= xxxxxx, CN=

xxxxxxxxx, emailAddress = xxxxxxxx@xxxxx.xxx

Validity

Not Before: <month><time><year>
Not After: <month><time><year>

4 Installing signed certificates and private keys on the Meeting Server