SAL : SAL Gateway Certificate Untrusted Errors

Doc ID		SOLN271707
Version:		5.0
Status:		Published
Published date:		11 Feb 2022
Created Date:		10 Jul 2015

Author:

Mark Hunter

Details

All Versions of SAL Gateway.

Problem Clarification

Missed Heartbeat Notification from the SAL Gateway.

SAL Gateway alarming will not work due to the missed/inactive heartbeats to the Avaya Core Server.

Cause

The SAL Gateway is pointing to a business partner Core Server for alarming and therefore will not heartbeat to Avaya. However alarms should still be federated to Avaya from the business partner Core Server.

The connection fails to the business partner Core Server when testing from the SAL Gateway user interface and returns with a "Certificate is untrusted" error. The SAL Gateway will not send alarms until the certificate error is resolved.

Solution

This issue will have to be resolved by the business partner as they are responsible for their certificates to their Core Server. Contact the corresponding business partner to have them investigate the certificate error. Once resolved test the SAL Gateway and ensure that the alarms are now reaching the Avaya Core Server.

Here an example of how the certificate looks like from an Avaya lab. In one case the customer had other certificate disturbing the Avaya certificate and changing the issuer field:
Server certificate:
* subject: CN=secure.alarming.avaya.com,O="Avaya, Inc.",L=Basking Ridge,ST=New Jersey,C=US
* start date: Jul 29 00:00:00 2021 GMT
* expire date: Aug 23 23:59:59 2022 GMT
* common name: secure.alarming.avaya.com
* issuer: CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US

Additional Relevant Phrases

SAL Gateway alarms are not being forwarded to Avaya. Certificate untrusted error under the remote server section of the SALGW.

Avaya -- Proprietary. Use pursuant to the terms of your signed agreement or Avaya policy