FQDN between blast notifier and Cisco phones
Cisco
phones- Open theAuthenticator.exe.configfile.
- ChangeSecurePortto an unused port of your choose.
- Save the file.The default port value is 8008. Standard practice is to use a 4-digit port number that ends in 443, for example 8443.
- Open theBlastNotifier.exe.configfile.
- ChangeAppServerURLto use the server's FQDN.
- Save the file.
- Request a CA-signed certificate for the new port. Use a Certificate Authority of your choice and install the certificate.
- Open the CA-signed certificate. Click theDetailstab. Scroll down to the bottom of theDetailswindow and clickThumbprint.You can use this value to bind the certificate to the new port.
- Bind the CA-signed certificate to the new port (for the URLs) using thenetshcommand.netsh http add sslcert ipport=0.0.0.0:<Port> certhash=<Thumbprint> appid={00112233-4455-6677-8899-AABBCCDDEEFF}where<Port>is theSecurePortdefined in theAuthenticator.exe.configfile.This must be a free port as you are binding to all available interfaces in this case.where<Thumbprint>is the Thumbprint from the Details tab of the CA-signed cert. Remove all spaces.If a binding already exists for this port it must first be removed using the following command:netsh http delete sslcert ipport=0.0.0.0:<Port>Do not bind this certificate to that port using the IIS control panel. This will cause the other bindings ofNDSwith port 443 to fail. You must usenetshinstead of IIS. Leave the existing binding to the system-generated certificate in place.
- To upload the CA certificate, clickCUCM OS Administration>Certificate Management>Upload Certificate/Certificate chainand from thecertificate purposedrop-down list, selectPhone-trust.