====== Secure Conferencing ======
  * Registers with CUCM using SCCP over TLS
  * TLS authentication includes two-way certficate exchange:
    * CUCM certificate(s) have to be known by secure conference bridge (to be able to compare received certificate).
    * Certificate of CA that issued certificate to secure conference bridge has to be known in CUCM (to be able to verify signature of received certificate)
    * Manually added during configuration time.

===== Configuration =====

==== IOS Obtain Conf Cert from CA ====
  * This is the certificate for the conferencing resource.
  * Obtain a conference certificate for the secure conference media resource at the Cisco IOS router.
  * The fingerprint of the certificate will be displayed 
  * The certificate has to be accepted to be stored in the NVRAM.
{{cucm-sec-conf1.png|}}

==== IOS Associate Conf Cert ====
  * Configure a secure conference media resource in Cisco IOS software and associate it with the previously obtained certificate.
{{cucm-sec-conf2.png|}}

==== CUCM Export CUCM Certs ====
  * Under **CUCM OS Admin > Security > Certificate Management**
  * Export CUCM certificate(s)
  * Needs to be done on each CUCM the secure conference can register with
{{cucm-sec-conf3.png|}}

==== IOS Add CUCM Cert ====
  * Add download CUCM certificate(s) to Cisco IOS router
{{cucm-sec-conf4.png|}}

==== IOS Export CA Cert ====
  * Export certificate of the CA that issued the certificate to the secure conference media resource
  * This the the certificate of the CA that signed the conference certificate.
{{cucm-sec-conf5.png|}}

==== CUCM Add CA Cert ====
  * Under **CUCM OS Admin > Security > Certificate Management**
  * Add downloaded CA certificate(s) to CUCM server(s)
{{cucm-sec-conf6.png|}}

==== CUCM Secure Conference ====
  * Add and configure the secure conference bridge in CUCM
{{cucm-sec-conf7.png|}}

==== CUCM Meet-Me (Optional) ====
  * (Optional) Configure a minimum security level for Meet-Me conferences if desired (default is non-secure).
{{cucm-sec-conf8.png|}}