This document describes how to configure and verify Certificate Authority (CA) signed certificate on the Cisco Voice Portal (CVP) Operation Administration and Management Portal (OAMP) server.
Microsoft Windows based Certificate Authority server is already preconfigured.
Cisco recommends that you have knowledge of the PKI infrastructure.
The information in this document is based on these software and hardware versions:
CVP version 11.0
Windows 2012 R2 Server
Windows 2012 R2 Certificate Authority
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Command Reference List
more c:\Cisco\CVP\conf\security.properties cd c:\Cisco\CVP\conf\security
What is your first and last name? [Unknown]: cvp11.allevich.local What is the name of your organizational unit? [Unknown]: TAC What is the name of your organization? [Unknown]: Cisco What is the name of your City or Locality? [Unknown]: Krakow What is the name of your State or Province? [Unknown]: Malopolskie What is the two-letter country code for this unit? [Unknown]: PL Is CN=cvp11, OU=TAC, O=Cisco, L=Krakow, ST=Malopolskie, C=PL correct? [no]: yes
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 90 days for: CN=cvp11, OU=TAC, O=Cisco, L=Krakow, ST=Malopolskie, C=PL (RETURN if same as keystore password): [Storing .keystore]
Verify that the key pair was generated.
c:\Cisco\CVP\conf\security>dir | findstr oamp.key
05/27/2016 08:13 AM 1,724 oamp.key
Ensure to enter first and last name as your OAMP Server. The name must be resolvable to an IP address. This name will appear in the CN field of the certificate.
Generate New CSR
Run this command to generate the certificate request for the alias and save it to a file (for example, oamp.csr).