Certificates for Live Data
Certificates and Secure Communications
For secure Cisco Finesse, Cisco Unified Intelligence Center, AWDB, and Live Data server-to-server communication, perform any of the following:
-
Use the self-signed certificates provided with Live Data.
Note
When using self-signed certificates, agents must accept the Live Data certificates in the Finesse desktop when they sign in before they can use the Live Data gadget.
-
Obtain and install a Certification Authority (CA) certificate from a third-party vendor.
-
Produce a Certification Authority (CA) certificate internally.
Note |
After the successful upgrade, the CAs that are unapproved by Cisco are removed from the platform trust store. You can add them back, if necessary.
|
Self-Signed Certificates and Third-Party CA Certificates
For secure Cisco Finesse, Cisco Unified Intelligence Center, AWDB, and Live Data server-to-server communication, you must set up security certificates (Applicable for both Self-Signed and Third-Party CA Certificates):
-
For Cisco Finesse and Cisco Unified Intelligence Center servers to communicate with the Live Data server, you must to import the Live Data certificates and Cisco Unified Intelligence Center certificates into Cisco Finesse, and the Live Data certificates into Cisco Unified Intelligence Center.
-
For Live Data servers to communicate with AWDB servers, you must import AWDB certificates into Live Data.
-
For Live Data servers to communicate with Cisco Unified Intelligence Center servers, you must import Cisco Unified Intelligence Center servers certificates into Live Data.
On Server |
Import Certificates From |
---|---|
Finesse |
Live Data and Cisco Unified Intelligence Center |
Live Data |
AW Database Cisco Unified Intelligence Center |
Cisco Unified Intelligence Center |
Live Data |
Export Self-Signed Live Data Certificates
Live Data installation includes the generation of self-signed certificates. If you choose to work with these self-signed certificates (rather than producing your own CA certificate or obtaining a CA certificate from a third-party certificate vendor), you must first export the certificates from Live Data and Cisco Unified Intelligence Center, as described in this procedure. You must export from both Side A and Side B of the Live Data and Cisco Unified Intelligence Center servers. You must then import the certificates into Finesse, importing both Side A and Side B certificates into each side of the Finesse servers.
As is the case when using other self-signed certificates, agents must accept the Live Data certificates in the Finesse desktop when they sign in before they can use the Live Data gadget.
Procedure
Step 1 |
Sign in to Cisco Unified Operating System Administration on Cisco Unified Intelligence Center (https://hostname of Cisco Unified Intelligence Center server/cmplatform). |
Step 2 |
From the Security menu, select Certificate Management. |
Step 3 |
Click Find. |
Step 4 |
Do one of the following:
|
Step 5 |
Download the certificate and save the file to your desktop. Be sure to perform these steps for both Side A and Side B. |
Step 6 |
After you have downloaded the certificates from Cisco Unified Intelligence Center, sign in to Cisco Unified Operating System Administration on the Live Data server (http://hostname of LiveData server/cmplatform), and repeat steps 2 to 5. This is applicable only for Standalone LiveData. |
What to do next
You must now import the Live Data and Cisco Unified Intelligence Center certificates into the Finesse servers.
Import Self-Signed Live Data Certificates
To import the certificates into the Finesse servers, use the following procedure.
Procedure
Step 1 |
Sign in to Cisco Unified Operating System Administration on the Finesse server using the following URL: https://FQDN of Finesse server:8443/cmplatform |
Step 2 |
From the Security menu, select Certificate Management. |
Step 3 |
Click Upload Certificate. |
Step 4 |
From the Certificate Name drop-down list, select tomcat-trust. |
Step 5 |
Click Browse and browse to the location of the Cisco Unified Intelligence Center certificate (). |
Step 6 |
Select the file, and click Upload File. |
Step 7 |
After you have uploaded the Cisco Unified Intelligence Center certificate repeat steps 3 to 6 for Live Data certificates.This is applicable only for standalone Live Data. |
Step 8 |
After you upload both the certificates, restart Cisco Finesse Tomcat on the Finesse server. |
What to do next
Be sure to perform these steps for both Side A and Side B.
Obtain and Upload Third-party CA Certificate
You can use a Certification Authority (CA) certificate provided by a third-party vendor to establish an HTTPS connection between the Live Data, Cisco Finesse, and Cisco Unified Intelligence Center servers.
To use third-party CA certificates:
-
From the Live Data servers, generate and download a Certificate Signing Requests (CSR).
-
Obtain root and application certificates from the third-party vendor.
-
Upload the appropriate certificates to the Live Data, Unified Intelligence Center, and Cisco Finesse servers.
Follow the instructions provided in the Unified CCE Solution: Procedure to Obtain and Upload Third-Party CA certificates (Version 11.x) technical note at https://www.cisco.com/c/en/us/support/docs/customer-collaboration/unified-contact-center-enterprise-1101/200286-Unified-CCE-Solution-Procedure-to-Obtai.html .