Federating the Servers

A federated server is configured to receive requests, and distribute these requests to the data sources.

Each Vocera XMPP Adapter configuration will maintain its own TLS certificate, as well as its own temporary certificate for a CSR in progress.

First, set the domain name for the XMPP server in the Vocera XMPP Adapter configuration field, and start the adapter on the appliance.

In the Vocera Platform Web Console, navigate to the Vocera XMPP Adapter and view the Additional Actions options in the sidebar help section. The following operations can be performed by an administrator from the XMPP Certificate Manager.

Download the Current TLS Certificate

Click Download Certificate to download the server's current TLS certificate. A servlet request is made to extract the certificate and return it as a file to be downloaded by the web browser. The certificate is encoded in PEM format.

Once downloaded, navigate to the federated server and install the certificate to allow the server to authenticate the certificate and enable presence and federation services. See Replace an Existing XMPP Certificate on the Cisco Unified Communications Manager IM and Presence Server in Configuring the Federated Server to Work with Vocera Platform.

Delete the Server Certificate

Click Delete Certificate to delete the server certificate. A servlet request is made to delete the TLS certificate from the KeyStore generated by the adapter. Once the certificate is deleted, the Vocera XMPP Adapter will generate a self-signed certificate.

Upload the TLS Certificate

Browse to locate the TLS certificate associated with the currently loaded CSR and click Upload Certificate to upload the file. A servlet request is made to upload the certificate into the KeyStore with the private key used to sign the CSR. Alternatively, the administrator may upload a PEM file that includes the private key for the certificate being uploaded. In either case, the uploaded file must:

Once clicked, a status at the bottom of the page indicates the success or failure of this operation. Existing mobile SSL connections to the XMPP server continue to use the TLS credentials of the previous certificate. Mobile SSL connections made after the certificate upload will use the new certificate when negotiating TLS.

View the Current Certificate Details

Click Refresh Certificate Details to display the current configuration certificate details, including the domain of the configuration, the status, subject, issuer of the certificate, and expiration date. The status of the certificate is based upon the expiration date and will use the following statuses:

When a self-signed certificate expires, a new certificate is generated and replaces the expired certificate. The details of the new certificate will be returned for viewing.