Cisco Cisco Meeting Server 2000
Cisco Meeting Server Release 2.0 : Certificate Guidelines for Single Combined Deployments
23
4. Enter the command:
pki verify xmppserver.crt xmppbundle.crt
to check that xmppserver.crt is signed by a trusted CA, with the chain of trust established
through the chain of intermediate certificates in xmppbundle.crt.
through the chain of intermediate certificates in xmppbundle.crt.
4.4 Installing the Certificate and Private Key for the XMPP Servers
If your Meeting Server supports end users using the native Cisco Meeting Apps for PC, Mac, and
iOS devices, then you need to install a public CA signed certificate for the XMPP server. The
certificate will be used by the Meeting Apps in the initial setting up of the connection to
determine whether they can trust the connection with the XMPP server.
iOS devices, then you need to install a public CA signed certificate for the XMPP server. The
certificate will be used by the Meeting Apps in the initial setting up of the connection to
determine whether they can trust the connection with the XMPP server.
The steps below assume that you have already configured the network interface that the XMPP
server will use to listen. Refer to the Single Combined Server Deployment Guide for information
on setting the interface using the listen MMP command, before assigning the certificate.
server will use to listen. Refer to the Single Combined Server Deployment Guide for information
on setting the interface using the listen MMP command, before assigning the certificate.
1. SSH into the MMP
2. Disable the XMPP server interface before assigning the certificate
xmpp disable
3. Assign the private key/certificate pair using the command:
xmpp certs <keyfile> <certificatefile> [<cert-bundle]
where keyfile and certificatefile are the filenames of the matching private key and
certificate . If your CA provides a certificate bundle then also include the bundle as a separate
file to the certificate.
certificate . If your CA provides a certificate bundle then also include the bundle as a separate
file to the certificate.
For example:
xmpp certs xmppserver.key xmppserver.crt xmppserverbundle.crt
4. Re-enable the XMPP server interface
xmpp enable
If the certificate installs successfully on the XMPP server, the following is displayed:
SUCCESS: Domain configured
SUCCESS: Key and certificate pair match
SUCCESS: license file present
SUCCESS: XMPP server enabled
SUCCESS: Key and certificate pair match
SUCCESS: license file present
SUCCESS: XMPP server enabled
If the certificate fails to install, the following error message is displayed:
FAILURE: Key and certificate problem: certificate and key do not
match
FAILURE: XMPP server configuration not complete
match
FAILURE: XMPP server configuration not complete
4 Installing signed certificates and private keys on the Meeting Server