Certificates for Live Data

Certificates and Secure Communications

For secure Cisco Finesse, Cisco Unified Intelligence Center, and Live Data server-to-server communication, perform any of the following:

  • Use the self-signed certificates provided with Live Data.


    Note

    When using self-signed certificates, agents must accept the Live Data certificates in the Finesse desktop when they sign in before they can use the Live Data gadget.

  • Obtain and install a Certification Authority (CA) certificate from a third-party vendor.

  • Produce a Certification Authority (CA) certificate internally.

Export Self-Signed Live Data Certificates

Live Data installation includes the generation of self-signed certificates. If you choose to work with these self-signed certificates (rather than producing your own CA certificate or obtaining a CA certificate from a third-party certificate vendor), first export the certificates from Live Data and Cisco Unified Intelligence Center. You must export from both Side A and Side B of the Live Data and Cisco Unified Intelligence Center servers. Once done, import the certificates into Finesse, importing both Side A and Side B certificates into each side of the Finesse servers.

When using other self-signed certificates, agents must accept the Live Data certificates in the Finesse desktop when they sign in to use the Live Data gadget.

Procedure

Step 1

Sign in to Cisco Unified Operating System Administration on the Live Data server using the following URL: http://hostname of Live Data server/cmplatform.

Step 2

From the Security menu, choose Certificate Management.

Step 3

Click Find.

Step 4

Perform one of the following:

  • If the tomcat-trust certificate for your server is not on the list, click Generate New. When the certificate generation is complete, reboot your server. Then restart this procedure.

  • If the tomcat-trust certificate for your server is on the list, click the certificate to select it. (Ensure that the certificate you select includes the hostname for the server.)

Step 5

Click Download .PEM File and save the file to your desktop.

Perform these steps for both Side A and Side B.

Step 6

After you have downloaded the Live Data certificates, sign in to Cisco Unified Operating System Administration on the Cisco Unified Intelligence Center server using the following URL: http://hostname of CUIC server/cmplatform, and repeat steps 2 to 5.

What to do next

Import the Live Data and Cisco Unified Intelligence Center certificates into the Finesse servers.

Import Self-Signed Live Data Certificates

To import the certificates into the Finesse servers, use the following procedure:

Procedure

Step 1

Sign in to Cisco Unified Operating System Administration on the Finesse server using the following URL:

http://FQDN of Finesse server:8443/cmplatform

Step 2

From the Security menu, choose Certificate Management.

Step 3

Click Upload Certificate.

Step 4

From the Certificate Name drop-down list, choose tomcat-trust.

Step 5

Click Browse and browse to the location of the Live Data or Cisco Unified Intelligence Center certificate (with the .pem file extension).

Step 6

Select the file, and click Upload File.

Step 7

Repeat steps 3 to 6 for the remaining unloaded certificate.

Step 8

After you upload both certificates, restart Cisco Finesse Tomcat on the Finesse server.

What to do next

Perform these steps for both Side A and Side B.

Obtain and Upload Third-party CA Certificate

You can use a Certification Authority (CA) certificate provided by a third-party vendor to establish an HTTPS connection between the Live Data, Finesse, and Cisco Unified Intelligence Center servers.

To use third-party CA certificates:

  • From the Live Data servers, generate and download Certificate Signing Requests (CSR) for root and application certificates.

  • Obtain root and application certificates from the third-party vendor.

  • Upload the appropriate certificates to the Live Data, Unified Intelligence Center, and Finesse servers.

Follow the instructions provided in the Unified CCE Solution: Procedure to Obtain and Upload Third-Party CA certificates (Version 11.x) technical note at : https://www.cisco.com/c/en/us/support/docs/customer-collaboration/unified-contact-center-enterprise-1101/200286-Unified-CCE-Solution-Procedure-to-Obtai.html .