Cisco Cisco Meeting Server 2000
Cisco Meeting Server Release 2.0 : Certificate Guidelines for Single Combined Deployments
13
3 Obtaining certificates
explains where certificates are required to establish secure connections in the
deployment, and the type of certificates required (signed by a public CA or an internal CA). This
chapter focuses on how to obtain the different types of certificate,
chapter focuses on how to obtain the different types of certificate,
covers where to
install them.
Note: If you are connecting a Lync deployment to the Meeting Server, you are advised to use the
same Certificate Authority (CA) that is trusted by Lync Front End servers. Contact your Lync
adviser for details of the CA and for support on the Meeting Server-Lync integration.
same Certificate Authority (CA) that is trusted by Lync Front End servers. Contact your Lync
adviser for details of the CA and for support on the Meeting Server-Lync integration.
All certificates require you following a 3 step process:
1. Generate a private key and the Certificate Signing Request (.csr) file for the specific Meeting
Server component.
Note: The public key is created and held within the .csr file.
2. Submit the .csr file to the CA (public CA or internal CA) for signing.
3. Install the signed certificate and intermediate CA bundle (if any) on the Meeting Server using
SFTP.
The remainder of this chapter provides examples for steps 1 and 2.
covers step 3.
Note: Instructions for generating self-signed certificates using the Meeting Server’s MMP
commands are provided in
commands are provided in
. These are useful for testing your configuration in the lab.
However, in a production environment you are advised to use certificates signed by a Certificate
Authority (CA).
Authority (CA).
Note: The Meeting Server supports certificates signed using SHA1 and SHA2 algorithms. When
the Meeting Server creates certificate signing requests, they are signed using SHA256 in
accordance with rules which CAs now operate under.
the Meeting Server creates certificate signing requests, they are signed using SHA256 in
accordance with rules which CAs now operate under.
3.1 Generating a private key and Certificate Signing Request (.csr file)
This section describes using the Meeting Server MMP pki command to create a public key and
.csr file. If you prefer to use a third party tool to do this, follow the instructions from the third
party then resume following this guide from
.csr file. If you prefer to use a third party tool to do this, follow the instructions from the third
party then resume following this guide from
. If you prefer to use OpenSSL to create
a private key and .csr file then
provides an overview of the steps to follow.
3 Obtaining certificates