Certificates on Ignition server

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • bdholmes
    Hot Shot
    • Aug 2014
    • 16
    #1

    Certificates on Ignition server

    Our security dept renewed or Root and Signing CA certificates. When I try to load the new certificates into our Ignition server it says the name cannot match an existing certificate and refuses to load.

    Don't I need the old and new since most of our objects were signed with the old. Or can I just delete the old and load the new?

    Many of our objects were not signed with the new certificates yet.

    Or will the ignition server only look at the name on the certificate for trust? None of the other information on the certificate matters? date, serial # etc..

    Trying to understand how this is going to work.
    Brian Holmes

    Network Architect
    Fiat Chrysler Automobiles
    Tags: certificate, eap-tls, ide, ignition
  • bdholmes
    Hot Shot
    • Aug 2014
    • 16
    #2
    This is actually broken in v9.0.1. One cannot load two certificates with the same name, even if the public key is different. I will have to try and get a bug fix from Avaya for this as our public certificate is expiring soon, so we simply renewed it with the same name.

    The problem is the Ignition server will only allow us to load the old or the new and not both. So if I load the new, all old clients become untrusted...and if I load the old, any client signed by the new will be untrusted.

    In a pickle here.
    Brian Holmes

    Network Architect
    Fiat Chrysler Automobiles

    Comment

    • rshaynes
      Whiz
      .
      • Mar 2010
      • 27
      #3
      Duplicate Certificate Import Concern

      Brian,

      Thank you for reporting this issue via the forums. We would appreciate that if you believe you have identified potential product related issues that you raise a services support request with Avaya Support Services @ https://support.avaya.com.

      In the interim I will review your findings and discuss with our development teams regarding this issue.

      Comment

      Previous template Next
      Loading