Message Image

Skip main navigation (Press Enter).

General IAUG Discussion Forum

View Only

Back to discussions

Expand all | Collapse all

CM Cert Issue

Todd Stone02-06-2020 06:40 AM

Good Morning, I need help in configuring a certificate for CM. I just deployed SM and ASM 8 and run ...

Sam Osheroff02-07-2020 09:12 AM

You'll need to, at a minimum, import the SMGR root CA into CM (via CM's web interface). I don't have ...

1. CM Cert Issue

0 Recommend
Todd Stone
Posted 02-06-2020 06:40 AM

Reply Reply Privately
Good Morning,

I need help in configuring a certificate for CM. I just deployed SM and ASM 8 and run the initTM -f to pull the new CA from ASM which is showing to be 2048 key and SHA2. However once I did this my SIP TLS signal group between CM and SM is down.

I know it has to be a cert issue but I have no idea how to resolve it. I am hoping there is someone on here that is an expert when it comes to this stuff. I have never dealt with certificates.

Thank you so much

------------------------------
Todd Stone
Telecommunications Adminstrator
St Johns County Schools
------------------------------
2. RE: CM Cert Issue

0 Recommend
Sam Osheroff
Posted 02-07-2020 09:12 AM

Reply Reply Privately
You'll need to, at a minimum, import the SMGR root CA into CM (via CM's web interface). I don't have the guide in front of me so let me know if you can't figure out the steps.

Just doing the root CA might not be enough if Session Manager doesn't trust the identity cert that CM is using. If that's the case, you can either figure out what CA signed CM's current cert and add that to Session Manager's trust store, OR generate a new identity cert from SMGR for CM to use. Switching CM's identity cert isn't hard but it also means getting one for AES to use too.

Sam Osheroff
UW-IT Telecom Engineer
University of Washington
sosherof@uw.edu
206.221.6362

Original Message

Powered by Higher Logic