×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Avaya Workplace client and AADS certificates

Avaya Workplace client and AADS certificates

Avaya Workplace client and AADS certificates

(OP)
Hello All,

Hope you are doing well and safe, I'm experiencing an issue with Internal users can't sign in using autoconfig where certificate error is being displayed.. I will try to draw the scenarios:

1*External (working properly):
|"Client"(pubcert)| ------|"Firewall"|------> |(pubcert)B1 "ASBCE" A1(pvtcert)| --------> |(pvtcert) "AADS"|

2*Internal (directly to AADS, displays cert error when I type email address and user can't sign in.. makes sense as AADS uses Private certificate):
|"Firewall"| ------|"Client"(pubcert)|------> |(pvtcert) "AADS"|

3*Internal (to ASBCE B1 private DMZ IP address, it passes certificate error but when user is signed in.. there's an alarm that contact service is not working "certificate error" where I can't search enterprise contacts and my pic is not displayed):
|"Firewall"| ------|"Client"(pubcert)|------> |(pubcert)B1 "ASBCE" A1(pvtcert)| --------> |(pvtcert) "AADS"|

In scenarios 1 & 3 .. Client successfully gets autoconfig settings from AADS.

RE: Avaya Workplace client and AADS certificates

TraceSM with TLS enabled may give you more information on exactly why. I "assume" you have either a SAN issue where the DNS name being used to access the SM100 is not in the SAN (you can set TLSVERIFYID and TLSSRVR ID to 0 which disables hostname validation).
Otherwise, assuming the Session Manager certificates are issued from System Manager, you may not have the System Manager Certificate Authority cert in the Truststore. The CA Cert(s) should be loaded onto the http server and identified in the TRUSTCERTS parameter so the endpoint pulls down the cert. For Workplace clients, the customer can also publish the System Manager CA certificate.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close