I've recently upgraded to 10.1 and we have two B179 phones that stopped registering due to SSL/TLS errors. I can switch SIP back to TCP and it works. I have read Avaya's Technical Bulletin 175 that says you have to manually upload the IPOffice certificate to the B179s via the web interface. What it doesn't say is how to get the root certificate out of the IPOffice to upload to the B179. Can someone point me in the right direction here?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Exporting IP Office Root Certificate 1
- Thread starter b4btec
- Start date
- Thread starter
- #3
- Thread starter
- #5
I tried that but I think I'm still missing something. I went to Security Settings -> System -> Certificates. Only way I could see to export the Identity Certificate was to view it then export to file. I chose the default DER encoded binary x.509 cer file and saved it as "avaya.cer". The certificate was issued to "ipoffice-<hex code>.avaya.com" Where <hex code> is an actual hex value. There is also a little yellow exclamation mark next to Offer ID Cert Chain that stated The Intermediate Certificates Must be placed In The Trusted Cert Store. Now, on the B179 I have inserted the avaya.cer in both the Provisioning and SIP settings pages as a root certificate. I get an error on the B179 that says "Jan 19 13:15:08: ERR: Error creating SIP TLS listener: Error loading SSL certificate chain file (PJSIP_TLS_ECERTFILE) [status=171163]." It seems that I'm missing an intermediate certificate or something or I have the avaya.cer in the wrong place. I only see the one certificate in the IPO manager.
- Thread starter
- #7
-
1
- #8
- Status
