Certificate for VCS Control and Expressway

Similar Messages

• Info required for VCS control and expressway upgradation

  Hi Folks
  We have a VCS control and VCS expressway in our enviornment.VCS control is in cluster with another VCS control and same is for VCS expressway.We are planning these to upgrade it on X8.1 version both control and expressway.Your experts view are required on the below points :-
  1) The VCS control is configured in cluster how we need to proceed with upgradation first with master or with slave VCS.
  2) Where we can take the backups of the VCS
  3)Whre we can download the software for both expressway and control
  4) Both VCS control and expressway are in communication with each other.Which one we need to upgrade first expressway or control.
  Regards
  Tarun

  Hi Tarun,
  If you are thinking to go on x8.1 then obviously i assume that you must be running TMS-PE for provisioning.
  Compared to legacy (opends) method, PE is more flexible and it is simple to upgrade.
  i will suggest you to go through the below document for upgrading the cluster.
  http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide/X8-1/Cisco-VCS-Cluster-Creation-and-Maintenance-Deployment-Guide-X8-1.pdf
  - i think you should first take the backup of VCS, atleast backup of master server. to do that go to maintenance and from there you would go to "backup and restore" and backup the VCS
  - you can go ahead with upgrading your  VCS slave first and then master, atleat i take that approach!! i never saw any issues with that may be some one else take a second approach.
  -  you would be able to download the software at the below page.
  http://software.cisco.com/download/release.html?mdfid=283733603&softwareid=280886992&release=X8.1&relind=AVAILABLE&rellifecycle=&reltype=latest
  - again you can first target VCS-E and then VCS-C (again no thumb rule for that), untill some else think of some other things.
  regards
  Alok

• Installation VCS Control and Expressway vmware applications on one BE6000

  Hello Community,
  I want to buy one BE6000 and additional VCS Expressway vmware application. Then I'm going to deploy VCS Control vmware application and VCS Expressway vmware application on this BE6000. Also I plan to place this BE6000 in the DMZ.
  Please help me, may I do that kind of deployment - VCS Control and Expressway vmware applications on ONE BE6000 ?
  Thanks in advance.
  Regards, Maksim.

  The BE6000 supports VCS-c I belive you would need a seperate box for the VCS-e
  http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps11369/at_a_glance_c45-720492.pdf
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/BE6000/InstallationGuide/9_x/CUCM_BK_IA4BAD3A_00_installing-cisco-business-edition-6000.pdf
  Also I would check Cisco site for the new Co-residency Policy Requirements
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/BE6000/Coresidency/9_x/BE6K_coRes.html

• Destiny - $10 Reward Certificate for Pre-order and Purchase

  So as the title states, according to BB's promotion,anyone that pre-orders the Destiny game and purchases it, gets a $10 reward certificate. 
  I was one of the lucky few that actually pre-ordered the Destiny Limited Edition and did not have it get cancelled due to limited suppy. Regardless, why doesn't the Destiny Limited Edition have the special offer for the $10 reward certificate for pre-order and purchase? I am hoping this is just an oversite.
  Promo Link
  Solved!
  Go to Solution.

  Hi JBROWN52,
  Congratulations on securing a copy of the Limited Edition of Destiny!
  I wanted to jump in and reiterate what enuf has said. The $10 Reward Certificate bonus should be credited to your My Best Buy account within 20 days after you receive your copy of Destiny, whether it be picked up in-store or shipped to you. If for any reason you don’t see the points after this time has elapsed, please create a post letting us know and we’ll be more than happy to help out.
  Let us know if you have any other questions and thanks for pre-ordering Destiny at Best Buy.
  Cheers,
  Brian|Senior Social Media Specialist | Best Buy® Corporate
   Private Message

• WLC: which software-version support SHA2 certificates for Web Authentification and Web Management ?

  Hello,
  I tried to install new SHA2 3th-Party certificates on our WLCs. There are old WiSM1-Boards and 2504 to support our old 1230 Access Points, running 7.0.251.2, which didn't install it, although the config manual for 7.6 and 8.0 say that SHA2 certificates are supported since 7.0.250.0. When I tried to install the SHA2-certificates I get the message "File transfer failed" an the log says:
  *TransferTask: Dec 12 13:22:14.394: #UPDATE-3-CERT_INST_FAIL: updcode.c:1869 Failed to install Webauth certificate. rc = 1
  *TransferTask: Dec 12 13:22:14.394: #SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4085 Cannot PEM decode private key
  I tried to install the same certificates on our WiSM2-Boards, running 7.4.121.0 and I failed too. The same certificates could be installed on a 2504 running 8.0.100 without any problems.
  In all 3 cases I tried to install unchained certificates for web management and Level 3 chained certificates  for web authentication. I used the following guides to get the certificates (e.g. taken from the config manual 8.0.100):
  http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html
  http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/70584-csr-wlc-00.pdf
  Which software versions support SHA2 certificates and which didn't ? Is the a list for it ?
  Regards

  Hello,
  I solved the problem. First I used a Debian Linux system with Openssl 1.0.1. After I searched the internet using one of the log messages above I found sites which mentioned to use Openssl 0.9.x. So I tried a productive and security fixes Debian Linux System running Openssl 0.9.8 and I succeeded. The wlcs accepted the certificate files and used it after a reboot. The Web GUI still shows a SHA1 Fingerprint, but the certificate signature Algorithm is SHA2:
  Signature Algorithm: sha256WithRSAEncryption
  When you check the openssl.org homepage Openssl 0.9.8 is still one of the actual version of openssl and is still available and fixed. But the Openssl Roadmap says:
  "We don't want to have to maintain too many branches. This is likely to include a timescale for the EOL of version 0.9.8"
  I don't know the differences between certificates made with openssl 0.9.8 and 1.0.1. Is there anybody who can explain it to me ?
  Regards

• Macbook pro w/ Mavericks - right command and right option functioning as shortcuts for mission control and show desktop

  Hello,
  All of a sudden my right command and right option keys are functioning as shortcuts for mission control and show desktop respectively. I haven't changed anything and can't seem to find any shortcut option in system preferences to change it. Control + up still works for mission control as default, and F11 is still show desktop. Left command and left option are working as normal.
  Any suggestions? I have a feeling theres some silly little thing I've missed...
  Thanks.
  B.

  Hello benja_d
  That is an interesting issue with the keyboard. To help isolate the issue, open up the Keyboard view to see if there are any keys being held down while you are typing to see if that is the issue. You will also will want to try this in another user on your computer to see if it something that is User specific or system wide. Let me know if you have figured out this part and I can help you further.
  One or more keys on the keyboard do not respond
  http://support.apple.com/kb/ts1381
  Regards,
  -Norm G.

• How to get the printout of TDS Certificate for Sec-194I and 194H in SAP

  Dear Experts,
  I have a requirement at the time of  taking printout of TDS Certificate for Sec-194I and 194H Printer got hanged and could not be able to take printout.But when printer got OK,user took printout of the said TDS certificate but Acknowledgment Number is not getting print.
  How can i get the printout of certificate with acknowledgment Number and all details.
  Yours' help would be appreciable.
  Thanks&Regards

  Hi
  This link will be of use to you.
  http://www.sapficoconsultant.com/pdf/Extended%20Withholding%20tax%20configuration.pdf
  Also check the SAP Notes 1046758, 1094944, 1062383
  Regards
  Sanil

• Update Secure Certificate for Mail (Identification and Encryption)

  Hello...
  Can you help?
  I have several email addresses; all of which have valid secure certificates (stored by default automatically in Key Chain).
  Whereas previously the certificates did not feature my name, new ones have been issued which do.
  So... my question is as follows:
  How do I point Mail to use the new certificates that have my name engrained within, opposed to the older ones which do not?
  Thank you, in advance.
  A

  Hi ... I have been struggling with exactly this point, too. Try out the new Leopard feature called "New preferred Identity". For this open keychain, go to my certificates and control-click on each certificate individually as choose "new preferred identity". Here you can type the e-mail address and choose one of your certificates to be used "preferably". This is the official Apple way of doing it and you may read further information in the support section. Please let me know if it works with you!
  In any case, it hasn't worked for me. I had to delete all old certificates for the same e-mail address and keep only the most recent one with my real-life name in it (you can delete right in keychain). After restart mail.app only uses the new certificate for signing e-mails.
  You would expect that deleting the old certificate destroys your ability to read the older encrypted e-mails. But the good news is that everytime you open an e-mail with your old certificate mail.app will add the old certificate back to keychain and you can again read your encrypted e-mails which used the 'public' key from the old certificate. Although mail.app will add the old certificates again it will continue to use the new certificate. I call this a work-around because really the "new identity preference" should have worked.
  I hope I helped you.
  Valentin.

• VCS-C and Expressway co-residency

  Hi,
  is the co-residence of VCS-C and Expressaway supported in both BE6K models, or only on the High Density one?
  Thanks
  V

  Hi,
  Yes, this is possible for both server options provided that you follow and comply with the co-residency policy.
  Don't forget, you will need to purchase the Virtualized Expressway application and licensing separately.
  Regards,
  Andy

• Removing the default (View As Icon) for the control and Indicator

  If you remove the default selection View As Icon  for all the control and indicator, it is good for the programmer for easy to visualize the Block diagram code.

  This has already been suggested - http://forums.ni.com/t5/LabVIEW-Idea-Exchange/Default-Option-Do-NOT-Place-Front-Panel-Terminal-as-Icon/idi-p/926871
  Also, note that you can already change it on your computer as mentioned there.

• I can only make outgoing calls. My home button is only working for voice control and won't take me back to menu. I am only in the calling screen and can't even shut off. What do I do?

  I am freaking out! I am a college student and owner of my Iphone 3Gs. I just got it this past August and I don't understand what is wrong. I did not drop it or come into contact with any water or disabling substance. I am literally stuck on the calling page with favorites, recents, contacts, keypad and voicemail. When I push my Home button I am not brought back to my menu. When I hold it down voice control is enabled but I still can't get to my menu. Then when I try to hold the sleep button to shut off nothing happens. What's wrong with my phone? I can't even go into contacts and hit text message nothing happens. Also, when I get a message in nothing happens when I push view. Please help me.

  Try a reset by pressing the home and sleep buttons until you see the Apple logo, ignoring the slider. Takes about 5-15 secs of button holding and you won't lose any data or settings.

• Design UCM - Expressway - VCS Control - interconnection?

  I've been looking around to find the preferred design when deploying a UC environment with UCM, Expressway C&E and a VCS control for registration and call control of legacy VC endpoints.
  Between UCM & Expressway-C: SIP trunk
  For the VCS Control I prefer neighbouring with Expressway because it is easier with the zones and search rules to make a routing plan.
  But for each cal going across the Expressway-C  (UCM-> Exp-C -> VCS Control) a RMS license will be consumed.
  So is it better to make a SIP trunk between VCS Control and UCM to avoid the use of RMS's? But how to route calls on the UCM when you can only the poor 'SIP Route Pattern' routing function of the UCM?
  Any advice / thoughts on this?
  rgds, Geert.

  You cannot register devices on a Exp-C. For this you need to use a VCS-C to register legacy vc endpoints such as MXP, Polycom, etc.

• New server and/or CA certificate for connection from custom authentication

  We are running Access Manager version 72005Q4 in the Sun ONE Web Server 6.1SP5 B06/23/2005 container with java build 1.5.0_07-b03. I run a custom authentication module which checks sessions against our university single sign on system which is CAS (from Yale/Jasig). The checks are essentially https calls. All this has been working well for us for the last couple of years.
  I would like to migrate the certificate used on the university CAS system from a Verisign certificate to a wildcard certificate issued by the IPS CA in spain -- these are in most browsers but are not in the standard batch of cacerts CA's -- and are free for .edu domains.
  My other java based authentication plugins (Blackboard, custom apps etc) have worked fine once I import the certificate into the cacerts for the java container, but I'm missing something (obvious probably) about importing this certificate so that my amserver custom authentication module can connect to the CAS server once the CAS server is using the new certificate.
  Could anyone provide guidance on where I need to import this server certificate (or preferably the IPS CA) in order to allow the custom authentication module to work properly? I assume this same problem has been solved by people wishing to connect from the amserver to services with self signed certificates. For some reason I'm finding the debugging unexpectedly difficult, I'll outline some of those details below.
  Relevant things I've tried so far:
  Import both the server cert and the IPS CA into the cacerts of the java container identified in the web server server.xml /usr/jdk/entsys-j2se.
  Import the IPS CA into the web server cert8 style db via the web admin server.
  The debugging has surprised me a bit, as I'm not getting an error that is explicitly SSL related error. It almost seems like the URLConnection object ends up using a HttpURLConnection rather than an HttpsURLConnection and never gives me a cert error, rather a connection refused since there is no non SSL service running on CAS. The same code pointed to the server running the verisign cert works as expected.
  Part of the stack:
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: java.net.ConnectException: Connection refused
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.socketConnect(Native Method)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:516)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:466)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:287)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:311)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:489)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:477)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.writeRequests(HttpURLConnection.java:422)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:937)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.util.SecureURL.retrieve(Unknown Source)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(Unknown Source)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.fsu.ucs.authentication.providers.CASAMLoginModule.process(CASAMLoginModule.java:86)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:729)
  The relevent bit of code from the SecureURL.retrieve looks as follows:
  URL u = new URL(url);
  if (!u.getProtocol().equals("https"))
  throw new IOException("only 'https' URLs are valid for this method");
  URLConnection uc = u.openConnection();
  uc.setRequestProperty("Connection", "close");
  r = new BufferedReader(new InputStreamReader(uc.getInputStream()));
  String line;
  StringBuffer buf = new StringBuffer();
  while ((line = r.readLine()) != null)
  buf.append(line + "\n");
  return buf.toString();
  } finally { ...
  The fact that this same code in other authentication modules running outside the amserver (in other web containers as well, tomcat and resin for example) running java 1.5 works fine with the new CA, as well as with self signed certs that I've imported into the appropriate cacerts file leads me to believe that I'm either importing the certificate into the wrong store, or that there is some additional step needed for the amserver in the Sun Web container.
  Thank you very much for any insights and help,
  Ethan

  I thought since this has had a fair number of views I would give an update.
  I have been able to confirm that the custom authentication module is using the cert8 db defined in the AMConfig property com.iplanet.am.admin.cli.certdb.dir as documented. I do seem to have a problem using the certificate to make outgoing connections, even though the certificate verifies correctly for use as a server certificate. This is likely a question for a different forum, but just to show what I'm looking at:
  root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u V
  certutil: certificate is valid
  root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
  certutil: certificate is invalid: Certificate type not approved for application.
  root@jbc1 providers#/usr/sfw/bin/certutil -M -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -t uP,uP,uP
  root@jbc1 providers#/usr/sfw/bin/certutil -V -l -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
  FSU Wildcard Certificate : Certificate type not approved for application.
  So it could be that I don't understand how to use the certutiil to get the permissions I want, or it could be that using the same certificate for both server and client functions is not supported -- though you can see why this would be a common case with wildcard certificates.
  BTW for those interested, it did seem to be the case that when the certificate failure occurred that the attempt was then made by the URLConnection to bind to port 80 in cleartext even though the URL was clearly https. I'm sure this was just an attempt to help out misformed URL, but it seemed that the URLConnection implementation in the amserver would swapped traffic over cleartext if that port had been open on the server I was making the https connection to; that seems dangerous to me, I would not have wanted it to quietly work that way exposing sensitive information to the network.
  This was why I was getting back a connection refused instead of a certificate exception. The URLConnection implementation used by the amserver is defined by java.protocol.handler.pkgs=com.iplanet.services.comm argument passwd to the JVM, and I imagine this is done because the amserver pre-dates the inclusion of the sun.net.www.protocol handlers, but I don't know, there maybe reasons why the amserver wants it own handler. I only noticed that this is what was going on when I as casting the httpsURLConnection objects to other types trying to diagnose the certificate problem. I would be interested in hearing if anyone knows if there is a reason not to use sun.net.www.protocol with the amserver.
  After switching to the sun.net.www.protocol handler I was able to get my certificate errors rather than the "Connection Refused" which is what lead me to the above questions about certutil.

• Qosmio X300 - Remote control and function bar for windows seven

  Hi,
  I have bought this PC with Vista x64. I have upgraded it to windows 7 (x64)
  But I didn??t find driver for remote control and function bar. The drivers for Vista *64 don't work.
  Help me plz.
  Thanks for reading
  (Sry for my bad English)

  Hi
  The Win 7 drivers are not available for this unit at this time.
  But I found some Win 7 drivers on the Toshiba US driver page.
  Of course you will not find exactly the same X300 series but you can choose the drives released for Qosmio X305-xxxx
  There is no big difference between X300 and X305 so the Win 7 drivers should work too

• Certificate for Portal and BackendSystems. What do I have to take careAbout

  Hello,
  I would like to buy a certificate for the secured HTTP but I don't know what I have to take care about?
  Where do you buy your certificates? Can I use "wildcards"-certificates for the portal and the backend-systems.
  Is there a good shop for buying a certificate in Germany?
  Thanks, Vanessa

  Vanessa,
  You can approach both Verisign and Thawte and collect information.
  In case of Thawte, you can just go their site and there is an option for an online free chat with a Thawte associate. He/she will then guide you further.
  They will also share the details required for the certificate to get authorized.
  Plus before ordering, you can also check the correctness of ur certificate for free on their site.
  Hope this helps.
  Regards,
  Ritu