Explanation: Security certificates are used to ensure that browser communication is secure by authenticating clients and servers on the web. There are two ways to deploy security certificates in CCE: Certificate Authority (CA) signed certificates and self-signed certificates1.
- CA signed certificates are certificates that are issued by a trusted third-party entity, such as VeriSign or Thawte, that validates the identity of the certificate owner. CA signed certificates are more secure and reliable than self-signed certificates, but they also require more time and money to obtain and maintain2.
- Self-signed certificates are certificates that are generated and signed by the certificate owner, without involving any third-party entity. Self-signed certificates are easier and cheaper to create and deploy, but they are less secure and trustworthy than CA signed certificates, as they can be easily forged or tampered with2.
CCE supports both CA signed certificates and self-signed certificates for securing the communication between different components, such as AW, CVP, Finesse, ECE, etc. However, some components may require additional steps or configurations to use CA signed certificates, such as importing the CA certificate into the AW machines, changing the Java truststore password, or binding the CA signed certificate in the Diagnostic Portico123.
The other options are not valid ways to deploy security certificates in CCE:
- Security Authority (SA) is not a term related to security certificates, but rather a role that is assigned to a user or a group in CCE to grant them access to certain security features, such as encryption, auditing, or IPsec1.
- 3rd party signed certificates are not a distinct category of security certificates, but rather a synonym for CA signed certificates, as they both involve a third-party entity that signs the certificates2.
- Digitally signed certificates are not a specific type of security certificates, but rather a general characteristic of all security certificates, as they all use digital signatures to verify the authenticity and integrity of the certificate data2.
References:
1: Security Guide for Cisco Unified ICM/Contact Center Enterprise, Release 12.6(1) - Certificate Management for Secured Connections 2: Packaged CCE Migration Guide, Release 12.0 - Manage Security Certificates 4: Computer forensics certifications - Infosec Resources 3: Implement CA Signed Certificates in a CCE Solution - Cisco
