Cisco Systems ASA 5510 Network Router User Manual


  Open as PDF
of 2086
 
8-21
ASDM configuration guide
Chapter 8 Using the Cisco Unified Communication Wizard
Configuring the UC-IME by using the Unified Communication Wizard
Configuring the Local-Side Certificates for the Cisco Intercompany Media
Engine Proxy
Completing this step of the wizard generates a self-signed certificate for the ASA. The server proxy
certificate is automatically generated using the subject name provided in an earlier step of this wizard.
The wizard supports using self-signed certificates only.
A trusted relationship between the ASA and the Cisco UMA server can be established with self-signed
certificates. The certificates are used by the security appliance and the Cisco UCMs to authenticate each
other, respectively, during TLS handshakes.
The ASA's identity certificate is exported, and then needs to be installed on each Cisco Unified
Communications Manager (UCM) server in the cluster with the proxy and each identity certificate from
the Cisco UCMs need to be installed on the security appliance.
This step in the Unified Communications Wizard only appears when the UC-IME proxy that you are
creating has at least one secure Cisco Unified Communications Manager server defined. See Configuring
the Topology for the Cisco Intercompany Media Engine Proxy, page 8-17 for information.
Step 1 In the ASA’s Identity Certificate area, click Generate and Export ASA’s Identity Certificate.
An information dialog boxes appear indicating that the enrollment seceded. In the Enrollment Status
dialog box, click OK. The Export certificate dialog box appears.
Note If an identity certificate for the ASA has already been created, the button in this area appears as
Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.
When using the wizard to configure the Cisco Intercompany Media Engine Proxy, the wizard only
supports installing self-signed certificates.
Step 2 Export the identity certificate generated by the wizard for the ASA. See Exporting an Identity
Certificate, page 8-23.
Step 3 In the Local Unified CM’s Certificate area, click Install Local Unified CM’s Certificate. The Install
Certificate dialog appears.
Step 4 Locate the file containing the certificate from the Cisco Unified Communications Manager server or
paste the certificate details in the dialog box. See Installing a Certificate, page 8-23. You must install the
certificate from each Cisco Unified Communications Manager server in the cluster.
Step 5 Click Next.
Note See the Cisco Intercompany Media Engine server documentation for information on how to export the
certificate for this server.