How to Regenerate Imagicle Digital Certificate for secure Call Recording and Advanced Queuing

Applies to:

Imagicle UCX Suite for Cisco UC 2017.6.1 and newer.

Description:

The SIP Trunk security certificate must be loaded on CuCM to support encrypted calls recording and encrypted calls routing to Imagicle Advanced Queuing. The certificate may become invalid when:

• It expires (5 years after deployment).

• You change the Computer Name of the Imagicle Server.

Solution:

The following procedure forces Imagicle to create a new self-signed certificate for the machine it is installed on, including the current Computer Name.

The procedure requires you to either restart Imagicle Call Recording or Advanced Queuing services, and should be executed when the system is idle.

1. Connect to UCX Suite server via RDP

2. Locate the following folder: <install-dir>\Apps\ApplicationSuite\certificates

3. Delete these files: imagicle-certificate.pem, imagicle-privatekey.pem

4. Log into the UCX Suite web interface as Administrator

5. Go to Call Recording --> Manage service and restart Imagicle Call Recording service

6. Go to Advanced Queuing --> Manage service and restart Imagicle Advanced Queuing service

7. Go to Admin --> System Parameters --> Secure communications certificate and download the new certificate

8. Load the new certificate on CuCM, as described here for Call Recording, here for Advanced Queuing.

9. Update the Cisco SIP Trunk Security Profile with the new certificate CN (Common Name)