This document describes how to exchange the Admin Workstation (AW) self-signed SSL certificates to the Customer Voice Portal (CVP), Finesse, Cisco Enterprise Chat and Email (ECE), Cisco Unified Intelligence Center (CUIC), Cisco Identity Service (idS) and Virtualized Voice Browser (VVB) for Package Contact Center Enterprise (PCCE) Single Pane of Glass (SPOG).
Contributed by Nagarajan Paramasivam and Robert Rogier, Cisco TAC Engineers.
Cisco recommends that you have knowledge of these topics:
Packaged/Unified Contact Center Enterprises (PCCE/UCCE)
The information in this document is based on these components:
Admin Workstation (CCEADMIN/SPOG)
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
It's recommended that you have read and understand the PCCE Administration and Configuration Guide, specifically the Reference appendix at the end which covers certificate setup and configuration. PCCE Administration and Configuration Guide
New User Interface – SPOG
Packaged CCE 12.0 has a new user interface which is in accordance with other contact center applications. The user interface allows you to configure the solution through one application. Sign in to the new Unified CCE Administration at https://<IP Address>/cceadmin. <IP Address> is the address of the Side A or B Unified CCE AW or the optional external HDS.
In this release, the Unified CCE Administration interface allows you to configure this:
SIP Server Groups
File Transfers: File transfer is possible only through Principal AW (Side A AW in 2000 agent deployment and configured AW in 4000 agent and 12000 agent deployments).
Routing Patterns: Dialed number pattern in Unified CVP Operations Console is now called Routing Pattern in Unified CCE Administration.
Locations: In Unified CCE Administration, Routing Code is now the location prefix instead of Site ID.
Device Configuration: Unified CCE Administration allows you to configure the following devices: CVP Server, CVP Reporting Server, VVB, Finesse, Identity Service (Single Sign-on Setup).
Team Resources: Unified CCE Administration allows you to define and associate the following resources for agent teams: Call Variables Layout, Desktop Layout, Phone Books, Workflows, Reasons (Not Ready, Sign Out, Wrap-Up).
Email and Chat
It is required, prior to attempting to manage the system through SPOG, to exchange the SSL certificates between the Customer Voice Portal (CVP), Finesse, Cisco Enterprice Chat and Email (ECE), Cisco Unified Intelligence Center (CUIC), Cisco Identity Service (idS) and Virtual Voice Browser (VVB) and Admin Workstation (AW) in order to establish a trust communciation.
SSL Certificate Export
Administration Workstation (AW)
Step 1. Access the https://localhost URL in the AW server and download the server SSL certificates.
Step 2. In the certificate window, navigate to the Details tab and click on the Copy To File button.
Step 3.Select Base-64 encoded X.509 (CER) and store the certificate in the local storage.
Step 5. At the password prompt, paste the password copied from the security.properties.
Step 6. Type yes to trust the certificate and ensure you get the result Certificate was added to keystore.
Step 7. There is a warning prompted along with the successful import. This is due to proprietary format Keystore, you can ignore it.
The JCEKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore C:\Cisco\CVP\conf\security\.keystore -destkeystore C:\Cisco\CVP\conf\security\.keystore -deststoretype pkcs12".
Step 1. Log in to the AW server and open the command prompt as administrator.
Step 2. Navigate to C:\Program Files(x86)\Java\jre1.8.0_181\lib\security and ensure the cacerts file exist.
Step 3. Type the command cd %JAVA_HOME% and enter.
Step 4. Use this command in order to import the Finesse certificates to the AW server.