Cisco Systems ASA 5510, ASA 5512-X, ASA 5515-X, ASA 5520, ASA 5525-X, ASA 5540, ASA 5545-X, ASA 5550, ASA 5555-X, ASA 5580, ASA 5585-X, ASA 5505 Configuring the Local-Side Certificates for the Cisco Presence Federation , Configuring the Remote-Side Certificates for the Cisco Presence Federation

8-15

ASDM configuration guide

Chapter8 Using the Cisco Unified Communication Wizard

Configuring the Presence Federation Proxy by using the Unified Communication Wizard

Step3 In the FQDN field, enter the domain name for the Unified Presence server. This domain name is included

in the certificate signing request that you generate later in this wizard.

Step4 In the Public Network area, choose the interface of the public network from the drop-down list. The

proxy uses this interface for configuring static PAT for the local Cisco Unified Presence server and for

configuring access lists to allow remote servers to access the Cisco Unified Presence server.

Step5 Click Next.

Configuring the Local-Side Certificates for the Cisco Presence Federation

Proxy

Within an enterprise, setting up a trust relationship is achievable by using self-signed certificates. The

supports using self-signed certificates only at this step.

Step1 In the ASA’s Identity Certificate area, click Generate and Export ASA’s Identity Certificate.

An information dialog box appears indicating that enrollment succeeded. In the Enrollment Status dialog

box, click OK. The Export certificate dialog box appears.

Note • If an identity certificate for the ASA has already been created, the button in this area appears as

Export ASA’s Identity Certificate and the Export certificate dialog box immediately appears.

•When using the wizard to configure the Cisco Presence Federation proxy, the wizard only supports

installing self-signed certificates.

Step2 Export the identity certificate generated by the wizard for the ASA. See Exporting an Identity

Certificate, page8-23.

Step3 Local Unified Presence Server’s Certificate area, click Install Server’s Certificate. The Install

Certificate dialog appears.

Step4 Locate the file containing the Cisco Unified Presence server certificate or paste the certificate details in

the dialog box. See Installing a Certificate, page8-23.

Step5 Click Next.

Note See the Cisco Unified Presence server documentation for information on how to export the certificate

for this server.

Configuring the Remote-Side Certificates for the Cisco Presence Federation

Proxy

Establishing a trust relationship across enterprises or across administrative domains is key for federation.

Across enterprises you must use a trusted third-party CA (such as, VeriSign). The security appliance

obtains a certificate with the FQDN of the Cisco Unified Presence server (certificate impersonation).

Cisco Systems Configuring the Local-Side Certificates for the Cisco Presence Federation , Configuring the Remote-Side Certificates for the Cisco Presence Federation