×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

IX Workplace, certificates and TLS

IX Workplace, certificates and TLS

IX Workplace, certificates and TLS

(OP)
Hello all,

Thought I would start a new thread as my other was getting too cluttered and I think I may be getting close to getting this working.

I have exported the certificate here and re-named it: WebRootCA.pem




Does this certificate then get uploaded to:?




Next would be creating the Identity Cert for the IPO Itself. How does this look?



Once downloaded as "PEM-encoded" I would add that certificate to the IPO.

After all that, and I enable TLS should my J179's grab the certificate and re-register to the IPO? What about iPhones running the Workplace App?

Thank you!

ACSS

RE: IX Workplace, certificates and TLS

(OP)
Does the WebRootCA.pem downloaded from Web Manager just get placed in the "Primary" folder of embedded file manager?

When I try and place it in: "Primary > certificates > TCS > ADD" I receive the error "HTTP request failed: 403 Forbidden"

ACSS

RE: IX Workplace, certificates and TLS

(OP)
derfloh: when I go to that address it does give me the option to Open or Save it. Is this what needs to be loaded on the external Devices (iPhones / Laptops)?

ACSS

RE: IX Workplace, certificates and TLS

(OP)
derfloh: Thank you. I have disabled "HTTP Avaya Phones Only" and enabled "SIP Remote Extension Enable"

When you say "you have to replace the IP of that of your IPO" where are you referring to?

How does my Identity Certificate look above?

Is there any other certificates needed other than the WebRootCA.pem and the Identity Certificate for the IPO? Does WebRootCA.pem just get downloaded and loaded to external PC's/Phones to run IX Workplace outside of my LAN?

Once I enable TLS will my J179's grab the correct certificates? I am assuming I will need to default them?

ACSS

RE: IX Workplace, certificates and TLS

The phones will load 46xxsettings.txt and it references WebRootCA.pem.

If the IPO IP is 192.168.42.1 you can get the root certificate by loading http://192.168.42.1/WebRootCA.pem or http://192.168.42.1:8411/WebRootCA.pem

If the IP is 172.30.20.1 you have to open http://172.30.20.1/WebRootCA.pem or http://172.30.20.1:8411/WebRootCA.pem

Certificate looks correct.

IP Office remote service
IP Office certificate check
CLI based call blocking
SCN fallback over PSTN

RE: IX Workplace, certificates and TLS

(OP)
derfloh: Thank you.

ACSS

RE: IX Workplace, certificates and TLS

(OP)
derfloh: The documentation says when creating the Identity Certificate to select the "Regenerate" Button and then to Download (PEM-encoded)

When selecting the "Regenerate" button I get this pop-up with the option to download:



Does this get loaded as well or only the .pem file?



Lastly, should I Change the Duration to 398 days?




ACSS

RE: IX Workplace, certificates and TLS

Until the end of September 825 days will work. Certificates created later must not be valid more than 398 days.

The p12 file is fine. It contains the server certificate as well as the root certificate.

Only regenerate and apply works for primary servers. If you create a certificate for another machine the way you did it is correct. I.e. for IP500

IP Office remote service
IP Office certificate check
CLI based call blocking
SCN fallback over PSTN

RE: IX Workplace, certificates and TLS

(OP)
derfloh: Thank you. So in the IPO Security Settings > Import Certificate from File, I am only uploading the p12 file correct? Basically the cert.pem wont be used?

ACSS

RE: IX Workplace, certificates and TLS

(OP)
derfloh: Thank you Sir. Would be nice if the documentation mentioned some of these things.

When visiting http://172.30.20.1/WebRootCA.pem - is this the certificate that I download and install on remote devices (PC's / Cell Phones)?

Tomorrow I will load the p12 certificate to "IPO Security Settings > Import Certificate from File" and enable TLS. Is there anything else I may be missing? Will I need to facorty default my J179's to grab the certificates? Will all devices now use TLS?

ACSS

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close