Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Avaya Equinox over TLS (SSL-CA Certificate)

Status
Not open for further replies.
Barahm

Barahm

Technical User
Jan 3, 2019
34
CA
Hi,
I have IPO version 11.0.4.2. The customer purchased a regular CA,( not a wildcard cert) ,and we managed to import the Cert into the IPO. The issuer is AlphaSSL. The IPO implicitly imported the chain of certificates.

When we try AvayaIX work place from MAC, Iphone, and Android devices the app works as a charm with no issues. We just provisioned the Avaya IX works again the Web address and we got the extension successfully registered.

When we provision the Equinox from any windows machine against the same URL, we got the error "Certificate is not trusted" or "Certificate revoked" however the certificate is a CA certificate. When we remove the Global SIgn CA Root and the AlphasSSL from the trusted root certificate authority and only keep the AlphaSSL in the Intermediate certification authority the Equinox on the windows machine works fine.

The customer thinks the Equinox (Windows) is not pulling the chain of certificates properly and therefore we are getting the error "Certificate revoked".

Has any went through this before? Any idea?

What I am trying to achieve is provision the Equinox from any windows machine and get it works without going to windows MMC to remove certificates.
 
Sort by date Sort by votes
You don't use IX on Windows?

Have you compared the certificates in the store?
Could just be that it isn't updated properly.

"Trying is the first step to failure..." - Homer
 
Upvote 0 Downvote
I am using Avaya Equinox for Windows on Windows 10 machine.

How can you update a certificate? The info I have, when we purchase CA and import it into IPO, we don't need to to touch the store as we only need then to configure the web address in the equinox. (This is not a self identity cert to install it in the store. It's a regular SSL cert).

Let me know
 
Upvote 0 Downvote
You need to check on the machine why the Intermediate is revoked if you wanna avoid doing this manually.
It might have an old one instead of the one currently used.

"Trying is the first step to failure..." - Homer
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

William C290
  • Question
Avaya SBCE & Workplace / TLS
Replies
3
Views
333
derfloh
derfloh
a.kasuri
  • Locked
  • Question
AVAYA IP OFFICE SIP TRUNK OVER TLS SRTP, SEND and LISTEN PORTS
Replies
1
Views
293
a.kasuri
a.kasuri
PhonesTech
  • Locked
  • Question
Which CA to use for Server Edition Certificate
Replies
7
Views
199
sizbut
sizbut
john3voltas
  • Locked
  • Question
Workplace can't connect - certificate issue
Replies
6
Views
470
derfloh
derfloh
dbb1234
  • Question
IP Office v12 Certificate Expiration 1
Replies
4
Views
543
dbb1234
dbb1234

Part and Inventory Search

Sponsor

Back
Top