Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Avaya Aura 6.3 System Platform Security Certificates

Status
Not open for further replies.

TBUCEngineer

Technical User
Feb 2, 2023
8
US
Hello Team,

Can anyone who has experience with updating certs on a 6.x System Platform help me with how to execute the process? I am not clear on what/how I need to do to install a new certificate file, and a new private key file, in the system platform web interface. There is little to no documentation anywhere for System Platform certificate install procedures. I understand the process for using System Manager to update the root and identity certs for things like CM.

Can I use System Manager as a CA, and add an End Entity on System Manager for System Platform?

Thanks and Regards
 
What are you trying to accomplish? Get rid of the cert error when logging into system platform web interface?
 
I need to install new certificates because the current ones will expire near the end of next month.
 
Assuming it’s for the web interface you would need to use your internal CA to issue certificates. The first step is to ssh into system platform and generate a cert request. You then submit the request to your internal CA. Once they approve you can import the signed cert and root CA into system platform.
 
Are these sort of certificates supposed to be customer installable?

Does Avaya include certificate management as part of a typical maintenance agreement?
 
This is fully customer resolvable. Avaya will most likely charge you if you want them to perform this task. You would need to use a certificate authority to issue internal certs which you would need to discuss with your IT team. It’s not advisable to use system manager unless you plan to deploy the root certs to all your PCs.
 
Since you are on an old 6.x keep in mind there is an issue going to SHA2 certificates. There is a .so library problem. They may have corrected it in the last SP for System Platform but you need to validate SHA2 certificates will work. There is also a workaround to delete, copy, and link the needed library.

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top