Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IPO 11.1 - root certificate expired / SSA can't connect to IPO

Status
Not open for further replies.
john3voltas

john3voltas

Technical User
Nov 12, 2013
72
0
0
PT
Greetings folks.
I have an IP Office server which has had it's certificate expired.
certificate-1.jpg


I can access the server with Manager but I can't open SSA pointing to this server. And even if I could, I'd like to fix this properly and have an encrypted connection between this App and the server.
certificate-2.jpg


So, it is my understanding that during the lifetime of the certificate I could have easily renewed it from the Security Settings > System > Certificates > Regenerate. But that is not working right now and I guess it's because the cert is already expired.
So, how do I renew this certificate? Or is there an easy way to create a self-signed certificate to workaround this issue?
Please be so kind to explain in detail or point me to a good source (tutorial/how-to) on how to solve this.
Thanks in advance.

Cheers
 
Sort by date Sort by votes
You would have to go into the preferences of Manager and set it to secure but none as certificate check
or even unsecured by turning off the security which will work if you have it set to allow unsecured in the security settings of the IPO


Joe
FHandw, ACSS, ACIS

 
Upvote 0 Downvote
@Westi,
As stated in my previous post, "And even if I could, I'd like to fix this properly and have an encrypted connection between this App and the server.".
Thanks for pointing me a way to immediately workaround my problem.
But what about a way to fix the certificate issue? Any ideas?
Anyone?
TIA
Cheers
 
Upvote 0 Downvote
Hi Westi,

Well, I've done that already. But I still see a certificate that expired in September...
Tried it both from Manager under Security and also from the Web Management. Same outcome.
What could I be doing wrong, here?
Cheers
 
Upvote 0 Downvote
By the way. It says it needs to restart a service in order for the newly created CA certificate to be imported into the IPO trusted certificate store.
Which service is that? And do I need to restart it manually or does the system take care of that for me?
TIA
Cheers
 
Upvote 0 Downvote
Yes, that certificate.
When I press the VIEW button I can see that the certificate already has an expiry date of 2026.
But, when I open the web browser again and point it to I still get an information stating that the certificate is expired. And when I get more info for that certificate from the browser, I can see that it is still only valid until 2023.
Cheers
 
Upvote 0 Downvote
I've just restarted the WebManager service from the command line of the server and still no good...
Could it be that I need to restart the whole server...?
Cheers
 
Upvote 0 Downvote
This is a server edition?
I was under the impression that is is only a regular IPO not a SE

when in doubt a reboot cannot hurt.

Joe
FHandw, ACSS, ACIS

 
Upvote 0 Downvote
Yes, this is a server edition. A virtual server edition, actually.
I'll arrange for a scheduled reboot and will let you know how it goes.
Thanks for the tips.
Cheers
 
Upvote 0 Downvote
Nah, there's something fishy going on with my server.
Went back to check the VIEW button and the certificate is gone back to expiry in september 2023.

I'm going to regenerate right now, under the web management.

certificate-3.jpg

certificate-4.jpg


Here it says there's the need for a service restart. But it doesn't explain if it will restart the service on it's own nor does it say which service that is...

certificate-5.jpg


Success. Now I have to download it and add it to my browser.
That would be the Download DER, right?
certificate-6.jpg


Ok, then I open Manager, go to Security.
certificate-7.jpg


But still 2023...
certificate-8.jpg


I am lost...
 
Upvote 0 Downvote
Okay.
An update.
I went back to the WebManager and pressed both Regenerate buttons. First the one on the top. Let it finish and give me back control. And then the one on the bottom.

certificate-9.jpg


This time it said IT was going to restart all services on the server.

I had a green light so I let it restart.
The browser window froze for a couple of minutes.

Afterwards I regained control and checked the services. All restarted EXCEPT for the IP Office service. Cool.

Then I pressed both Download DER buttons, one for the CA and one for the certificate.
And last but not least, I added both (maybe it was only needed to add the CA...) to the windows computer account.

And there it is, the browser is saying that communications are encrypted.

Now I'm going to check if everything is working properly. VM Pro, OneX portal, etc.

Thanks for the headsup.
Cheers
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

William C290
  • Solved
ACCS & IPO 1
Replies
4
Views
496
William C290
William C290
attex
  • Question
IPO 11.1.3.1 b34 Web Client
Replies
2
Views
352
vid151
vid151
Rhinorhino
  • Question
Analog IPO allowed to COVER or BRIDGE 1
Replies
1
Views
83
budbyrd
budbyrd
dessertman
  • Locked
  • Question
IPO software upgrade 1
Replies
2
Views
198
derfloh
derfloh
PhonesandFarming
  • Locked
  • Question
multiple door phones to ipo? 3
Replies
4
Views
73
jinxs
jinxs

Part and Inventory Search

Sponsor

Back
Top