I am starting here because it's ultimately CUIC related, but I recognize the cross-thread nature of the issue.
I have CUIC 10.5 installed with the default SSL Cert.
I have Finesse 10.5 installed with the default SSL Cert.
I have the Out-of-the-box CUIC Gadget for 10.5 configured and installed.
I have exported the CUIC Cert from the CUIC Server and Imported it into Finesse according to the process doc:
I am getting Certificate Errors in my client browser when accessing the Gadget in Finesse.
I do not get Certificate Errors when accessing the Permalink directly.
I do not get Certificate Errors when access Finesse.
Does anyone have a recommendation on what the "correct" method of applying Certs should be?
TAC directed me here and closed my SR.
Thanks for any advice that anyone has. ! !
Which web browser are you using? This will likely work better in IE than Firefox or Chrome, as IE is less strict about cross-host self-signed SSL.
The best user experience will be if you obtain 3rd party SSL certs - that will certainly get rid of any errors.
I have tried all of the browsers and they all block the gadget data from appearing with no way to install/accept the 3rd party cert at the client browser.
Here's my question that I asked TAC - if Cisco is providing CUIC and Cisco provides Finesse and Cisco provides the Sample CUIC Gadget for Finesse (which arguably should be a core product, but I digress) and the process of managing Certificates in both products, why is TAC not even willing to diagnose to the point of proving that its a browser issue, like they do with other products involving custom components (VXML, etc.)? Really all I need is validation that this is truly a Certificate issue and not something related to a bad import of a Cert or some other issue directly related to the Security management components of the Finesse and CUIC boxes.
All that aside, is there a particular CA that you (or anyone else) would recommend? I've worked with Verisign in the way past, but looking at their costs against some others out there, I'm open to price vs. service opinions. OpenSSL is obviously not an option with their current security problems but I'd be willing to look at that short-term if it would solve my issue.
Thanks for the response.