MV-IPTel had a nifty feature where it would use the client certificate on the phones to confirm they're really Avaya phones and are thus really authorized to download settings, configurations and backups via HTTPS (on port 411).
I'd like to try to reproduce this on IIS 7.5. One, because IPTel hasn't been updated since 2006 or 2007 and, two, because I'd like to accept certs for Polycom.
I haven't had a ton of luck yet. I've followed many guides on how to enable IIS client certificate authentication mapping, enabled SSL, required client certificate and created a rule to check the client cert for "Avaya Inc." as the organization. I also imported the Avaya Server Root CA and Avaya Products Root CA into my Trusted Certificate Authority pool.
Despite all this, I still get error 403 (Forbidden) on the phone (and the IIS logs).
I'm beating my head against the wall. Anybody try this already?
Thanks.
-Sam
I'd like to try to reproduce this on IIS 7.5. One, because IPTel hasn't been updated since 2006 or 2007 and, two, because I'd like to accept certs for Polycom.
I haven't had a ton of luck yet. I've followed many guides on how to enable IIS client certificate authentication mapping, enabled SSL, required client certificate and created a rule to check the client cert for "Avaya Inc." as the organization. I also imported the Avaya Server Root CA and Avaya Products Root CA into my Trusted Certificate Authority pool.
Despite all this, I still get error 403 (Forbidden) on the phone (and the IIS logs).
I'm beating my head against the wall. Anybody try this already?
Thanks.
-Sam