Cisco Jabber for Windows

Cisco Jabber: Mandatory Server Certificate Validation TechNote

Document ID: 116637

Updated: Oct 09, 2013

Contributed by Scott Hills, Cisco TAC Engineer.



Cisco Jabber clients will soon default to mandatory validation of all server certificates in order to enhance the security environment of the Cisco collaboration solution and establish secure connections between client and server.

On-Premise Servers

Jabber will begin to validate certificates against these on-premise servers:

  • Cisco Unified Communications Manager (CUCM)
  • CUCM Instant Messaging and Presence (IM/P) (Cisco Unified Presence Server [CUPS])
  • Cisco Unity Connection
  • Cisco WebEx Meetings Server

Caution: Before you deploy the Jabber releases listed in this document, ensure that you configure the relevant Cisco collaboration servers with valid server certificates.

Each individual server presents a certificate for each type of secure connection. If a server certificate is not from a trusted

Certificate Authority (CA), which is the case for a self-signed certificate, the certificate needs to be loaded into the client OS certificate store. Otherwise, Jabber users will be prompted to accept or decline individual server certificates when they initially connect.

Consult the server administration documentation for your release in order to determine how to set up server certificates in preparation for this change.

Jabber Clients

The target dates for the introduction of this change are:

Desktop ClientsDate
Jabber Mac 9.2September 2013
Jabber Windows 9.2.5September 2013
Mobile and Tablet ClientsDate
Jabber for iPhone 9.5October 2013
Jabber for iPhone and iPad 9.6November 2013
Jabber for Android 9.6December 2013

Cloud Services

There is no change required for cloud services that are provided by Cisco. Jabber clients will also validate certificates for WebEx Messenger and WebEx Meetings servers that are already signed by a public internet CA.

Updated: Oct 09, 2013
Document ID: 116637