Cisco Unified MeetingPlace, Release 7.0 -- How to Replace an Expired Intermediate Certificate for the Home Page

From DocWiki

Jump to: navigation, search

Main page: Cisco Unified MeetingPlace, Release 7.0

Up one level: Configuration



Note: As of April 2006, all SSL certificates issued by VeriSign require the installation of an intermediate Certificate Authority (CA) certificate. The SSL certificates are signed by an intermediate CA using a two-tier hierarchy (also known as trust chain) which enhances the security of SSL certificates.


For more information, go to: http://www.verisign.com/support/advisories/page_040611.html.



Contents

Downloading the Updated VeriSign Intermediate CA

When downloading the intermediate CA certificate, ensure that you select the appropriate one for your SSL certificate: either Secure Site with EV Certificates (Secure Server) or Secure Site Pro with EV Certificates (Global).


Procedure
  1. If you are not sure which certificate you have purchased, follow these steps:
    1. Go to VeriSign Search Certificates page.
    2. Type your Common Name or Order Number.
    3. Click Search.
    4. Click the certificate name for your certificate.
  2. Go to the VeriSign intermediate CA certificates web page and select the CA certificate for your product.
  3. Copy and paste the contents into a text (Notepad) file.
  4. Save the file as newintermediate.cer.


Creating a Certificate Snap-In

Procedure
  1. From the Web server, click Start > Run.
  2. In the text box, type mmc.
  3. Click OK.
  4. For IIS 5.0: From the Microsoft Management Console (MMC) menu bar, select Console > Add/Remove Snap-in.
  5. For IIS 6.0: From the Microsoft Management Console (MMC) menu bar, select File > Add/Remove Snap-in.
  6. Click Add.
  7. From the list of snap-ins, select Certificates.
  8. Click Add.
  9. Select Computer account.
  10. Click Next.
  11. Select Local computer (the computer this console is running on).
  12. Click Finish.
  13. In the snap-in list window, click Close.
  14. In the Add/Remove Snap-in window, click OK.
  15. Save these console settings for future use.


Removing the Expired Intermediate CA

Procedure
  1. From the left pane, double-click Certificate (Local Computer).
  2. Click Intermediate Certification Authorities > Certificates.
  3. Locate the certificate issued to www.verisign.com/CPS Incorp.by Ref.LIABILITY LTD. (C)97 VeriSign (expiration date of 1/7/2004).
  4. Right-click the certificate.
  5. Click Delete.
  6. From the left pane, click Trusted Root Certification Authorities > Certificates.
  7. Locate the certificate issued to Class 3 Public Primary Certification Authority (expiration date of 1/7/2004).
  8. Right-click the certificate.
  9. Click Delete.


Installing the New Intermediate CA

Procedure
  1. From the left pane, click Intermediate Certification Authorities.
  2. Right-click Certificates.
  3. Click All Tasks > Import.
  4. At the Certificate Import Wizard, click Next.
  5. Select the Intermediate CA Certificate file.
  6. Click Next.
  7. Select Place all certificate in the following store: Intermediate Certification Authorities.
  8. Click Next.
  9. Click Finish.
  10. Restart the Web Server.
    If this does not resolve the issue, then physically reboot the Web Server. The Web Server should now only have one Intermediate CA that expires in 2016.

NOTE: When you restart the Web Server, all manual changes made to the registry are lost.

Rating: 3.0/5 (1 vote cast)

Personal tools