CUCM certificates

Dieselboy · June 10, 2016, 04:26:42 AM

Has anyone managed to export private keys from CUCM? They are locked down but I've read somewhere it's possible with a bit of work.

I would like to export the private key for XMPP and keep it locked away but this would allow me to optimise some stuff with the Riverbed as XMPP is encrypted and so passes thru.

Dieselboy · June 14, 2016, 12:11:44 AM

CUCM DRS backs up all certs.. I wonder if I can grab it from there.

deanwebb · June 14, 2016, 07:37:59 AM

Keep in mind that private keys *should* be hard to extract... if they're done properly.

Dieselboy · June 14, 2016, 09:50:24 PM

Yes I'm expecting it's not possible... But will have a look anyway.

I understand the security reasons for keeping this secure, but it's preventing me doing some things which will benefit the business operation. :/

I will still keep the keys secure as they are now if I had access to them, but the difference is I would have access to them

Dieselboy · September 05, 2016, 09:52:38 PM

I just had a webex with TAC and they gained ROOT access to both nodes. When the meeting ended the putty sessions were left open. I pulled off one of the ".keystore" where the private key should be and none of the passwords I could logically think of worked to gain access to it, so I've given up and logged out

-- Where there's a Will, there's a way. Unfortunately, I don't know anyone named Will.

CUCM certificates

Dieselboy

Dieselboy

deanwebb

Dieselboy

Dieselboy