Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

the alarm: TLS cert is about to expire showed up on all our hosted avaya server today? 7

Status
Not open for further replies.
nothingworks101

nothingworks101

Programmer
Aug 14, 2008
239
0
0
US
the alarm says:
TLS certificate is due to expire
Type: trusted store certificate
days remaining:60

did this happen to everyone?
I tried to renew certs on web page:)7071) and in security in manager, but it still shows up.

(they are all powered by Avaya hosted- r10, 10.1, 11)
 
Sort by date Sort by votes
Nice of Avaya to have the fix, but it doesn't work. I have deleted the certificate from 3 IP500V2 IPOs running r11+ with no change I still see the error in SSA.
Mike
 
Upvote 0 Downvote
Found a trick that does work. You can only do this if you are on site. The embedded file management won't load the certificate. Gives a 403 error. Forbidden.

Download the certificate with web manager.
Pull the SD card out of the IPO and put it in your PC.
Copy the certificate to the system/primary/certificates/tcs/delete
Reboot

From the readme.txt in that folder.

This folder contains certificates that should be automatically deleted from the IPOFFICE
Trusted Certificate Store. The system can interpret both PEM and DER encodings. The
certificate file name extension must indicate the type of encoding. PEM encoded files
should end with .pem and DER encoded files should end with .der.

When the IPOFFICE boots, the system will check if there are any certificates that exactly match
a certificate in the TCS (byte for byte). If a matching certificate is found in the TCS,
it will then be removed.

Or you can ignore the SSA error. [thumbsup]

Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
 
Upvote 0 Downvote
Upvote 0 Downvote
Pink for that solution. Not something I would of ever thought of trying and sad it takes going to that length to fix Avaya's blunder and even more sad that once more a tech figures it out long before Avaya does.

The truth is just an excuse for lack of imagination.
 
Upvote 0 Downvote
Sad part is the trick can't be done remotely. We support systems all across the US and in five other countries, so ignoring the alarm is our best solution. [thumbsup2] Thanks Avaya.

Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
 
Upvote 0 Downvote
Ya it is true a remote option would be great but something is better then nothing. The fact that the certificate is not used (supposedly) anymore is the only saving grace at this point. I appreciate you taking the time to find a solution though.

The truth is just an excuse for lack of imagination.
 
Upvote 0 Downvote
I didn't test it myself but I think it could be possible on server edition servers to move the license file within the Linux file system.

IP Office remote service Fixed price SIP trunk configuration: CLI based cale blocking: SCN fallback over PSTN:
 
Upvote 0 Downvote
You can upload this file using Web Manager you still will need to reboot system after. This will save you time other than removing the SD card. If you have remote you don't even have to leave your office
Web_y1rest.png
 
Upvote 0 Downvote
Upvote 0 Downvote
Thank you Magixman. I hadn't tried from Web Manager. I wonder why it won't let you do it from Manager. Seems stupid. But at least it works.

Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
 
Upvote 0 Downvote
When i try to upload the certificate via web manager, we are getting error that the file is not in .wav format?
Anyone else experience this issue?
 
Upvote 0 Downvote
i have 20 systems having certificates expiring this Friday they are all on V11 has anyone had a solution this issue i need help ASAP
 
Upvote 0 Downvote
@Gaspagano:
According to Avaya nothing bad will happen once the certificate expires (asked an Avaya representative at an event last week, the reason being that the certificate isn't used any more anyways)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

a.kasuri
  • Question
AVAYA IP OFFICE SIP TRUNK OVER TLS SRTP, SEND and LISTEN PORTS
Replies
1
Views
176
a.kasuri
a.kasuri
Rhinorhino
  • Locked
  • Question
Avaya start up tone 1
Replies
1
Views
68
Westi
Westi
Richard_Harrow
  • Locked
  • Question
A certificate expired on my secondary server and I'm unable to regenerate it.
Replies
3
Views
127
derfloh
derfloh
dsm600rr
  • Locked
  • Question
Remote J100's - New/Renew TLS Certificates 3
Replies
5
Views
127
dsm600rr
dsm600rr
ITgingaUK
  • Locked
  • Question
Best place to sell our Avaya system
Replies
2
Views
63
ipohead
ipohead

Part and Inventory Search

Sponsor

Back
Top