Which Cisco Unified CM service is installed by default and authenticates certificates on behalf of IP phones and other endpoints?
Click on the arrows to vote for the correct answerA. B. C. D. E.
The correct answer to this question is B. Cisco Certificate Authority Proxy Function (CAPF).
Cisco Unified Communications Manager (Unified CM) is the primary call control and signaling component for Cisco collaboration solutions. It provides services such as call processing, device registration, and management of resources such as media resources and conferences.
When it comes to security, Unified CM uses certificates to authenticate devices such as IP phones and other endpoints, and to encrypt signaling and media streams.
To ensure secure authentication of devices, Unified CM installs a default service called the Cisco Certificate Authority Proxy Function (CAPF). This service acts as an intermediary between the endpoints and the Certificate Authority (CA), which issues and manages certificates.
The CAPF is responsible for generating and installing X.509v3 certificates on behalf of endpoints, and for authenticating them when they connect to the Unified CM cluster. This ensures that only authorized devices are allowed to register with the cluster, and that all signaling and media streams are encrypted using secure certificates.
The other answer options in the question are:
A. Cisco CTL Provider: The Cisco CTL Provider service is responsible for creating and maintaining a Certificate Trust List (CTL) on each Unified CM server. The CTL contains the list of trusted CA certificates that are used to validate device certificates.