Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Virtual SBCE and stand alone webLM

Status
Not open for further replies.

gmacdonald78

Programmer
May 4, 2012
49
GB
Afernoon,

Looking for a bit of advice and configuring the Avaya standalone Weblm, this is for an a Virtual SBC, do you set the webLM on the A1 or management interface. Im presuming Management but cant find anything to confirm this?
 
Virtual ASBCE requires an seperate External WebLM Server (not the build int one) and yes, you use the management interface to connect to the WebLM IP.
 
This is a separate WebLM, turns out the SBC trust store needs a certificate from the Weblm, this can be done via the ems cli following the steps below:

You can see below error in gui.log:

[c.s.licensing.LicenseStatusManager] WARN: Unhandled exception caught while communicating with WebLM server.
com.avaya.weblm.LicenseException: Problem with connection to server: sun.security.validator.ValidatorException: No trusted certificate found

STEP-1 :

Dump the certificates used during SSL negotiation with the command below run from SBCE (EMS) while setting (save or refresh) licensing from webpage, replace <WebLM Server> with the actual IP address of the WebLM server.

openssl s_client -tls1_2 -showcerts -connect <WebLM Server>:52233

Copy the second (or last if there are more than two) certificate which appears in the output to /home/ipcs/weblm.pem, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines until the last occurence of the '-' character. You can use the following linux command: #vi /home/ipcs/weblm.pem , paste the certificate chain and save it.



STEP -2 :


Import the /home/ipcs/weblm.pem to the SBCE's(EMS) WebLM client keystore with the command below. It will ask for the keystore password which by default is “password” .

keytool -import -keystore /usr/local/weblm/etc/trusted_weblm_certs.jks -alias weblm -file /home/ipcs/weblm.pem

If the password does not work. Please check the current password using this command:

grep trustStorePassword /usr/local/weblm/etc/trustedcert.properties
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top