Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP500, SBC setup using external CA with workplace

Status
Not open for further replies.
phil204

phil204

Technical User
Apr 13, 2011
25
0
0
GB
Been working on this for quite some time and now hit a brick wall, any help or advice woul dbe greatly received.

Setup

IP500V2 R11.1
ASBCE R8.0
Server edition running as an app server

Customer security checks deem self signed certs as a security risk so ahve demanded we use an external CA

Looking at the docs, my exact sceanrio isnt referred to so having to work blind.

1. Followed docs to apply the .p12 file to the IPO
2. Followed docs to apply SBCE certs (ipo root and ID)

All applied yet the app works without installing the cert. also cannot setup ising web address, advises "a server with the specified hostname could not be found." but does work manually configuring.

I appreciate there are a lot of factors and information that might be required here but reaching out to see if anyone has this setup working?

As a note the whole setup works using self signed certs generated
 
Sort by date Sort by votes

thanks for the reply

it only conatins the the following,

Subject Alternative Name(s): Enter comma separate DNS:<FQDN> and IP:<public IP> entries

cannot put internal IP's as the CA won't allow
 
Upvote 0 Downvote
If you are using an external CA, then you need:
For the IPO: .pfx incluing ID Cert, all intermediates and the key. Upload as normal with Manager/Web Manager.
For the SBC: ID cert with intermediates attached, the intermediate bundle file and the key file/password. Uploadeed to Server and Client ASBCE TLS profiles.

No need to upload the root file anywhere else.

If you are using an external public CA, it won't have the IPs in. They haven't allowed IP addresses as a SAN for about 5 years! Avaya still keep asking for it though!! Idiots!

"a server with the specified hostname could not be found" Soudns liek you have DNS not configured somewhere.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
@jamie77 thx for the input, couple of questions,

This is the same certificate right?? So i just get the .pfx and alos the root, intermidiate and identity but apply them as per the below?
If you are using an external CA, then you need:
For the IPO: .pfx incluing ID Cert, all intermediates and the key. Upload as normal with Manager/Web Manager.
For the SBC: ID cert with intermediates attached, the intermediate bundle file and the key file/password. Uploadeed to Server and Client ASBCE TLS profiles.

works ok twhen manually entering the FQDN so i am confident DNS is good
"a server with the specified hostname could not be found" Soudns liek you have DNS not configured somewhere.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

shermosillo
  • Locked
  • Question
Certificate question for IP500 w/SBC
Replies
1
Views
81
PhonesTech
PhonesTech
barneyraymond
  • Question
Avaya IP500 SD Card
Replies
6
Views
333
ipohead
ipohead
dsm600rr
  • Locked
  • Question
IX Workplace, SMS?
Replies
0
Views
53
dsm600rr
dsm600rr
teletechman
  • Locked
  • Question
IX Workplace
Replies
1
Views
73
Westi
Westi
T
  • Question
IP Office R11.0.4.8.0 build 17 Cannot get Workplace to register.
Replies
15
Views
423
telecomtekperson
T

Part and Inventory Search

Sponsor

Back
Top