Cisco Jabber: Mandatory Server Certificate Validation TechNote
Available Languages
Introduction
Cisco Jabber clients will soon default to mandatory validation of all server certificates in order to enhance the security environment of the Cisco collaboration solution and establish secure connections between client and server.
On-Premise Servers
Jabber will begin to validate certificates against these on-premise servers:
- Cisco Unified Communications Manager (CUCM)
- CUCM Instant Messaging and Presence (IM/P) (Cisco Unified Presence Server [CUPS])
- Cisco Unity Connection
- Cisco WebEx Meetings Server
Each individual server presents a certificate for each type of secure connection. If a server certificate is not from a trusted
Certificate Authority (CA), which is the case for a self-signed certificate, the certificate needs to be loaded into the client OS certificate store. Otherwise, Jabber users will be prompted to accept or decline individual server certificates when they initially connect.
Consult the server administration documentation for your release in order to determine how to set up server certificates in preparation for this change.
Jabber Clients
The target dates for the introduction of this change are:
| Desktop Clients | Date |
|---|---|
| Jabber Mac 9.2 | September 2013 |
| Jabber Windows 9.2.5 | September 2013 |
| Mobile and Tablet Clients | Date |
|---|---|
| Jabber for iPhone 9.5 | October 2013 |
| Jabber for iPhone and iPad 9.6 | November 2013 |
| Jabber for Android 9.6 | December 2013 |
Cloud Services
There is no change required for cloud services that are provided by Cisco. Jabber clients will also validate certificates for WebEx Messenger and WebEx Meetings servers that are already signed by a public internet CA.
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
09-Oct-2013 |
Initial Release |
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)