Re: [cisco-voip] Wildcard certificates

Yeah. In my experience, the cert can have as many extra sans as you want, but all of the sans the cucm csr has have to be there, and spelled correctly. Sent from my iPhone > On Jun 19, 2020, at 1:02 AM, James Andrewartha > wrote: > > It helps if I spell speeddial instead of speedidal  >

Re: [cisco-voip] Wildcard certificates

It helps if I spell speeddial instead of speedidal  On 19/6/20 2:21 pm, Anthony Holloway wrote: > I've got some thoughts, though, I've never done this before, so it's > just guessing. > > You don't need *.domain.com in your SAN. > > Just generate your CSR on CUCM as if you

Re: [cisco-voip] Wildcard certificates

I've got some thoughts, though, I've never done this before, so it's just guessing. You don't need *.domain.com in your SAN. Just generate your CSR on CUCM as if you were not using wildcard certificates. Then when you dupe your wildcard on digitcert's site, manually add the exact same SANs in

Re: [cisco-voip] Wildcard certificates

It has never been supported, so, if you run into any issues and TAC sees it, they may tell you to remove it, just FYI. Given that, with Digicert, can you duplicate a wildcard cert, like you can a Multi-San? On Thu, Jun 18, 2020 at 11:57 PM James Andrewartha < jandrewar...@ccgs.wa.edu.au> wrote:

[cisco-voip] Wildcard certificates

Hi voipers, I'm trying to update the wildcard on our CUCM/IMP servers, and am hitting a problem. We have a digicert wildcard, which I used successfully before, but now when generating the certificate the UI complains that *.ccgs.wa.edu.au isn't a valid certificate name or SAN. I hacked the