для Cisco Acano X-series
Cisco Meeting Server Release 2.0 : Certificate Guidelines for Single Combined Deployments
21
4 Installing signed certificates and private keys on
the Meeting Server
the Meeting Server
To summarize
, the single combined Meeting Server deployment requires public CA
signed certificates for:
n
the Web bridge, if Web RTC clients are to be enabled for use by end users. The Web RTC
client requires a public CA signed certificate from the Web Bridge in order to trust the
connection.
client requires a public CA signed certificate from the Web Bridge in order to trust the
connection.
n
the TURN server, if you plan to use TLS connections for secure communication.
n
the XMPP server, if native Cisco Meeting Apps (PC, Mac, iOS) are to be used by end users.
The Native Cisco Meeting Apps require a public CA signed certificate from the XMPP server
in order to trust the connection.
The Native Cisco Meeting Apps require a public CA signed certificate from the XMPP server
in order to trust the connection.
n
the Call Bridge, if direct Lync federation over a public network is required. The Lync Edge
server requires a public CA signed certificate from the Call Bridge in order to trust the
connection.
server requires a public CA signed certificate from the Call Bridge in order to trust the
connection.
And internal CA signed certificates for:
n
the Web Admin. The Meeting Server API is routed through the Web Admin Interface, so a
certificate is required even if you configure the Call Bridge through the API rather than the
Web Admin Interface.
certificate is required even if you configure the Call Bridge through the API rather than the
Web Admin Interface.
n
the Call Bridge. The Web Bridge requires a certificate from the Call Bridge. The Active
Directory Server also requires a certificate from the Call Bridge. In addition, if your
deployment has SIP trunks, then the Call Bridge requires a certificate for mutual
authentication with the SIP call control devices.
Directory Server also requires a certificate from the Call Bridge. In addition, if your
deployment has SIP trunks, then the Call Bridge requires a certificate for mutual
authentication with the SIP call control devices.
Note: this guide assumes that you have already installed the private key/certificate pair for the
Web Admin Interface as described in the Meeting Server Installation Guide. If you have not, do
so now.
Web Admin Interface as described in the Meeting Server Installation Guide. If you have not, do
so now.
4.1 Reusing a private key and certificate
You do not need to have a different private key/certificate pair for each certificate install. In
some circumstances you can copy and reuse the private key and certificate for multiple services.
Here is some advice if you reuse a private key/certificate pair:
some circumstances you can copy and reuse the private key and certificate for multiple services.
Here is some advice if you reuse a private key/certificate pair:
n
if you are connecting a Lync deployment to your Meeting Server, you are advised to use the
Certificate Authority (CA) trusted by the Lync deployment.
Certificate Authority (CA) trusted by the Lync deployment.
4 Installing signed certificates and private keys on the Meeting Server