Thank you for your note. Please note that restart is not required on any current releases, it’s not a documented requirement. You may be having an issue which made restart to be performed
nice. so for example, when SM wants to communicate with CM, then CM presents idenity certificate to the SM which in turns validates it ? or is the SM presenting its own identiy certificate to the CM ? and can we create csr from CM in order to make identity certificate that way ? thanks
CM and SM should be using the SAME CA so that the Identity Certificates are created and validated against for communication. CM will send its Identity Certificate to SM for validation, and SM will send its Identity Certificate to CM for validation.
The comment below says that installing the root CA requires a CM reboot. Is this a video about installing the root CA certificate? Do I really need to reboot CM after installing the certificate as shown in the video? The certificate expires on January 28, 2025. We are running a 24-hour service and cannot reboot.
Yes, we need to generate individual certificate for each CM. Please refer to CM administration guide page no. 478 download.avaya.com/css/public/documents/101079056
@@AvayaMentor When creating individual certificate for each CM in duplex CM, what IP Address do I need to use in the certificate, is it the alias IP or the individual IP addresses of each CM?
Certificate should use the servers individual IP address. If any assistance is needed for proper certificate generation recommend you to reach out to our Specialists. They are happy to assist you through any of the channels on this link: support.avaya.com
We can assist related to specific Avaya mentor videos. If you need assistance outside of the topic of this video our specialist are happy to assist you through any of the channels on this link: support.avaya.com/contact/
Finally got this right thanks to your video. Much appreciated!
Thank you! Glad that this video is useful for you
Please remember after you install a rootCA cert you must restart CM. An interchange will not substitute for a restart.
Thank you for your note. Please note that restart is not required on any current releases, it’s not a documented requirement. You may be having an issue which made restart to be performed
We can download the pem file also right instead of chain.pem
nice. so for example, when SM wants to communicate with CM, then CM presents idenity certificate to the SM which in turns validates it ? or is the SM presenting its own identiy certificate to the CM ? and can we create csr from CM in order to make identity certificate that way ? thanks
CM and SM should be using the SAME CA so that the Identity Certificates are created and validated against for communication.
CM will send its Identity Certificate to SM for validation, and SM will send its Identity Certificate to CM for validation.
The comment below says that installing the root CA requires a CM reboot. Is this a video about installing the root CA certificate? Do I really need to reboot CM after installing the certificate as shown in the video? The certificate expires on January 28, 2025. We are running a 24-hour service and cannot reboot.
Please note that restart is not required on any current releases, it’s not a documented requirement.
Incase of LSP, do we need to just download CA pem certificate or generate the server certificate as well?
The same rules that are used on the main CM do apply to ESS and LSP.
in a duplex CM, do we need to generate an individual End Entity certificate for each CM? how do it goes?
Yes, we need to generate individual certificate for each CM. Please refer to CM administration guide page no. 478 download.avaya.com/css/public/documents/101079056
It is possible to create a single ID cert that can be loaded on both CMs in a duplex config.
You need to generate individual certificate for each CM
@@AvayaMentor When creating individual certificate for each CM in duplex CM, what IP Address do I need to use in the certificate, is it the alias IP or the individual IP addresses of each CM?
Certificate should use the servers individual IP address. If any assistance is needed for proper certificate generation recommend you to reach out to our Specialists. They are happy to assist you through any of the channels on this link: support.avaya.com
How disable an analog number in meridian pabx
We can assist related to specific Avaya mentor videos. If you need assistance outside of the topic of this video our specialist are happy to assist you through any of the channels on this link: support.avaya.com/contact/
@@AvayaMentor thanks
Welcome