Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Adding the ASBCE identity certificate SSH Error 2

Status
Not open for further replies.
dsm600rr

dsm600rr

IS-IT--Management
Nov 17, 2015
1,444
US
Hello all,

I am receiving this error, any idea why?

2021-05-13_14-14-00_m7ai0g.png


ACSS
 
Sort by date Sort by votes
That command is not used on SBCE 8.0 and above.

Docs are not very clear, but you now upload the certs and key with the password using the web gui, so no need to do that part.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
jamie77: Do I just skip this part and continue?

ACSS
 
Upvote 0 Downvote
yup. cert should be fine just uploaded with the key in the gui.

on earlier SBCs, you did need to run this command.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
jamie77: Thank you. Avaya drives me insane some times (a majority of the time).

ACSS
 
Upvote 0 Downvote
jamie77: Is this the step you are referring to? I do notice in the documentation it does not mention entering a password in for the key at this point however it was required.

Install_Cert_ktul2h.png


ACSS
 
Upvote 0 Downvote
Thats the one. Docs on this are terrible and I wasted days doing exactlly the same as you!!

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
jamie77: Appreciate the help. Do you remember anything else along the way I should be aware of as far as documentation errors?

Currently I have my network topology as such. I do not see any reason to need to involve my firewall guy and put the SBCE after the firewall. The SBCE is a firewall, after all, correct? Unless you suggest me doing so for a reason I am not seeing.

PF_Network_Topology_htmxok.png



With that being said, should I skip the firewall steps?

1_zngic0.png


What about this step?

2_hkrq6w.png


ACSS
 
Upvote 0 Downvote
That's a relict für the use of OneX Portal of you connect OneX Mobile or Avaya Communicator. In that case you had to create an application relay or reverse Proxy dir port 9443. That wasn't possible as long as the given port range was 9000-9999.

If you only use IX Workplace and J-Series phones that step is not necessary.

IP Office remote service
IP Office certificate check
CLI based call blocking
SCN fallback over PSTN
 
Upvote 0 Downvote
derfloh: Thank you. I will remove the port modification.

ACSS
 
Upvote 0 Downvote
Put the SBC behind the firewall where ever possible to be part of a layered security model. But, I do have some SBC's with a direct internet facing B1 where we had no other choice.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sheldoom
  • Locked
  • Question
ASBCE Factory Default
Replies
1
Views
355
derfloh
derfloh
Zero6
  • Locked
  • Question
Certificate warning
Replies
1
Views
421
derfloh
derfloh
K
  • Locked
  • Question
The security certificate will expire in XXX days.
Replies
8
Views
885
kmeath
K
scudworth
  • Locked
  • Question
ASBCE Server Flow failover
Replies
2
Views
411
Alfalis
Alfalis
OmegaStar
  • Locked
  • Question
ASBCE change Contact Header
Replies
12
Views
1K
derfloh
derfloh

Part and Inventory Search

Sponsor

Back
Top