- Herencia, propósito y creatividad confluyen sobre un manto tecnológico en los irrepetibles UMusic Hotels
- OpenAI, SoftBank, Oracle lead $500B Project Stargate to ramp up AI infra in the US
- 오픈AI, 700조원 규모 'AI 데이터센터' 프로젝트 착수··· 소프트뱅크·오라클 참여
- From Election Day to Inauguration: How Cybersecurity Safeguards Democracy | McAfee Blog
- The end of digital transformation, the rise of AI transformation
CUCM Mixed Mode With Tokenless CTLs
CUCM Mixed Mode With Tokenless CTLs
move phones registered to the old cluster to instead register to the new cluster.
Download the CallManager.pem from new cluster pub and upload that cert as phone-trust to the old cluster. This will enable the old cluster TVS to have TVS-aware phones trust the new cluster.
When the phone is told (say, via change in DHCP option 150 value) to register to the new cluster, it will fail to authenticate the new cluster’s CTL file due to a different file signer.
So, the phone will then connect with its already-trusted TVS server in the old cluster. At this point, since the new cluster pub cert was added as phone-trust in the old cluster, TVS will instruct the phone to trust the cert.
Then, based on TVS’s go-ahead, the phone will now load and install the new cluster CTL file.
At this stage, the phone will trust only the entries in the new cluster CTL file – and also any certs that the new cluster’s TVS can trust.
Also, it seems like this procedure would also work with the token-based CTL client, as long as TVS is present and all the moving endpoints support TVS.
http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/118893-technote-cucm-00.html
thanks for this quick note. Just a question – after you uploaded new cluster’s callmanager.pem as a Phone-SAST-trust certificate, did you restart the TVS service? Were you required to restart the phones in the old cluster after this, or did you only need a reboot when you moved them across?