AvayaDeviceEnrollmentCAchain.crt deleted

[mjm23]

Someone accidentally deleted the AvayaDeviceEnrollmentCAchain.crt from the SBCE certificate section. is there anyway to retrieve it? SBCE version is 8.1

 

[kyle555]

You should be able to Google it.

Or I, or anyone else, can grab it out of our own. I can do it tomorrow

Or, deploy the OVA as a single box on a new mgmt IP and export it from there if you wanted to get it in the next 30 mins without searching too hard

What FQDN do the phones use to hit DES? If it's like 'des.Avaya.com' then just punch that in your browser, inspect the cert and export each cert in the chain.

You can take many PEM CA certs that form a chain and paste them into a single file in order of 'furthest from root CA' to 'root CA' and import that as a trusted CA cert. You probably won't have to as I only have to do that when adding an identity cert from GoDaddy or Digicert, so you could probably just go to des.Avaya.com, check the cert in your browser and export just the root CA and that might be enough to replace it.

Are you using DES? Is there a reason the SBC needs to trust it? As in, perhaps it's reverse proxying the outward phone traffic to DES and needs to trust that DES cert?

 

[mjm23]

We are not using DES. Will the SBC still work fine if it gets deleted? Our SBC is just used for SIP trunking and remote workers. So basically I can grab any AvayaDeviceEnrollmentCAchain.crt from any SBC and install it to mine?

 

[G van Hamburg]

If you don’t use it, just leave it. I delete them too.

Freelance Certified Avaya Aura Engineer

 

[mjm23]

thanks for your inputs! cheers!