Products Products
Support & Forums Support & Forums
Compliance Testing Compliance Testing
Labs & Sandboxes Labs & Sandboxes
Program Program
Co-Marketing Co-Marketing
Avaya Experience Platform Avaya Enterprise Cloud Avaya Client SDK Avaya Aura Platform See All Products Find Developer Resources

Avaya Experience Platform

Overview Interfaces Learning Support Options Compliance Testing

Avaya Enterprise Cloud

Overview Interfaces Learning Support Options Compliance Testing

Avaya Client SDK

Overview Programming Docs Developer Downloads Licensing Support & Testing

Avaya Aura Platform

Application Enablement Services Communication Manager Presence Services Snap-in Session Manager System Manager Session Border Controller
About DevConnect Support Submit Support Tickets Support Forums Other Support Options

About DevConnect Support

Support Options Support FAQs Supported Platforms and Interfaces

Submit Support Tickets

Procured System Support
For procurement issues or questions Remote Lab Support
For issues and questions related to DevConnect remote labs Membership & Program Support
For membership and program benefits questions General Support
For general issues not covered by the other support tickets

Support Forums

Avaya Client SDK AEServices DMCC APIs AEServices JTAPI AEServices Web Services Avaya Workspaces Avaya Experience Platform Orchestration Designer All Forums

Other Support Options

Product Notices Non-DevConnect Support Resources

Compliance Testing

About Compliance Testing Compliance Tested Solutions

About Compliance Testing

Compliance Testing Overview Avaya Interfaces Eligible For Testing Compliance Testing FAQs Compliance Testing Guide(s) (PDF)

Compliance Tested Solutions

DevConnect Marketplace Search Applications Notes

Labs & Sandboxes

Remote Labs Procurement Benefits

Remote Labs

Remote Labs Overview Avaya Aura Session Manager Avaya Aura AE Services & Communication Manager Self Services (Experience Portal) Avaya Proactive Outreach Manager Avaya Contact Center Elite

Procurement Benefits

About DevConnect Procurement Access/View Procurement Catalog Procurement FAQs DevConnect Procured System Support

Program

Program Overview Program Benefits Membership Options

Program Overview

DevConnect Membership Levels DevConnect Program Guide (PDF) DevConnect Program FAQs

Program Benefits

Membership Benefits DevConnect Procurement Co-marketing

Membership Options

Manage My Portfolio/Solutions Manage My Profile

Co-Marketing

Co-Marketing Benefits Relationship Benefits

Co-Marketing Benefits

Co-Marketing Overview Logos Marketplace Co-branded Collateral Select Product Program

Relationship Benefits

Social Media 8-and-Out Podcasts Sponsorships Advertising

Author Message
14/11/2017 07:17:49
Subject: Can TSAPI Client for windows support SHA-2/SHA-256?
#1
Kenji
Joined: Jan 22, 2015
Messages: 105
Offline
Hi Team,

Can TSAPI Client for windows support SHA-2/SHA-256?
If yes, which version of TSAPI Client for windows can support SHA-2/SHA-256?

Actually, we tried to update the default certificate to new certificate which generated by SMGR with SHA-256.
However the NICE Unified(Windows) can not connect with CSTA-S connection.
Then we are finding TSAPI Client for windows which supported SHA-2/SHA-256.

For TSAPI Linux client, I confirmed below comments in "TSAPI and CVLAN Client and SDK Installation Guide".
However I can not find similar information for windows version.
-----
The TSAPI and CVLAN Linux client, installed on RHEL ES v7.2 system and later, will be able to
establish a secure connection to the CVLAN Service running on AE Services 7.1 server when
using certificates with SHA2, for example SHA256 signatures.
-----

Best regards, K.Yamahara
PM
16/11/2017 04:50:27
Subject: Can TSAPI Client for windows support SHA-2/SHA-256?
#2
MartinFlynn
Joined: Nov 30, 2009
Messages: 1922
Online
I do not have much expertise in this area but I checked this with my AES7.1 and TSAPI Client 7.1, using the auto-generated CA certificate from the AE Services. This cert is generated with SHA256. I was able to open a connection so I think I can say that TSAPI Client can handle SHA256 certs.

It may be that older clients don't support SHA256. It may depend on the version of OpenSSH the client uses or maybe the version of Windows.

There are a couple of tools that you can use to help debug certificate type problems.

1. A Wireshark trace will show the negotiations that take place. You can see the certificates being sent and the error code generated.

2. You can check your certificate using OpenSSL. You may need to download and install openSSL or cygwin onto your windows PC. There is some information on this in https://www.sslshopper.com/article-most-common-openssl-commands.html.

Martin
PM
16/11/2017 05:24:46
Subject: Re:Can TSAPI Client for windows support SHA-2/SHA-256?
#3
Kenji
Joined: Jan 22, 2015
Messages: 105
Offline
Hi Martin-san,

Thank you for yor helpful reply.

I understood that TSAPI Client 7.1 for windows can handle SHA256 certs.
We will try to evaluate it with SHA256 certs.
Please close this ticket. If I need your help again, I will ask it as new ticket.

Thank you and regards, K.Yamahara
PM
Go to:   
Mobile view