Modifying the configuration file

After obtaining and adding the SSL root certificate to the directory of your choice, you must modify the configuration file (default.cfg) before the system can recognize and use it.

To modify the default.cfg file for the SSL certificate:

1. Open the default.cfg file for editing.

   The default path to the default.cfg file is: /vs/data/vxml/default.cfg

2. Add the following entry:

   client.inet.sslCAfile VXIString </fullpath/certificate.file>

   where </fullpath/certificate.file> represents the full path to the SSL root certificate.

3. Find the following entry:

   client.inet.sslMustVerify VXIInteger [0/1]

4. If the final integer is 0, then change it to 1.

   A value of 0 here (which is the default value) means that no verification is needed and the system will accept the public server certificate regardless of its validity.

   A value of 1 here causes the system to validate the public server certificate.

   Note:
   If this entry has a value of 1 and the certificate is not trusted (either not valid or or expired), then a badfetch error will be thrown. You can use the 3000 vxi debug level to determine why, if this is the case.

5. Save and close the default.cfg file.
6. Stop and restart the voice system.

   The voice system must be stopped and restarted for these parameters to take effect.

© 2004 Avaya Inc. All Rights Reserved.