Sign in using DevConnect ID

Forgot password?

Trouble logging in?

Submit a ticket for Registration Support.

I have an SSO ID

?
sign in

Don't have a DevConnect or SSO ID ?

Create a DevConnect account or join the program.

register now
^
Forum Index » Avaya Aura Orchestration Designer » AES Connector Name Licensing Certificate in vpcticonnector.jks   XML
 
Author Message
WilsonYu



Joined: 06/11/2013 14:29:24
Messages: 2413
Offline

We have recently updated the vpcticonnector.jks trust store with a new certificate which extends the date of expiration. The new valid dates are from 11/21/2017 to 8/23/2022. If you are using AES Connector and secured connection, please do the following:

1. Go to the AES Connector app directory in the app server.
2. Find the vpcticonnector.jks file under the WEB-INF/lib directory, and replace it with the one attached.
3. Restart the app server.

This file can be used for all currently supported releases of Orchestration Designer.
 Filename vpcticonnector.jks [Disk] Download
 Description No description given
 Filesize 4 Kbytes
 Downloaded:  442 time(s)

This message was edited 2 times. Last update was at 09/01/2018 09:44:10

HiroshiFujita



Joined: 18/04/2014 04:27:45
Messages: 2
Offline

Hi

Is there a way to check that the period has been extended after changing the jks file?
WilsonYu



Joined: 06/11/2013 14:29:24
Messages: 2413
Offline

Not really, the certificate is being accessed and used internally.
HiroshiFujita



Joined: 18/04/2014 04:27:45
Messages: 2
Offline

I found the method.


1. Enable JTAPI DebugLog on the app server.
2. Open debug log, search "ds:X509Certificate".
3. Copy string in the <ds:X509Certificate> tag.
4. Paste string to text editor, and save as certificate file such as "after.crt".
5. Check expiration date of the certificate file.

This message was edited 1 time. Last update was at 07/12/2017 20:28:36

WilsonYu



Joined: 06/11/2013 14:29:24
Messages: 2413
Offline

Good finding. I didn't know it would show up in the jtapi log.
OldSeb



Joined: 04/01/2018 06:18:58
Messages: 1
Offline

New certificate will expire at June 23rd 2022. Old one at June 24th 2018.
Certificate can be exported from store file easly using any java tool named keytool by issuing a command:

keytool -export -keystore vpcticonnector.jks -file out.crt -alias mykey
(put empty password)

Next you can view out.crt file using any PC machine.

Regards
Seb

This message was edited 2 times. Last update was at 04/01/2018 06:26:14

BrunoTapette



Joined: 04/06/2018 10:51:20
Messages: 2
Offline

Hello Team,

Please, could you answer a couple of questions about this update:

1- How do we check if the OD is using the AES Connector Name Licensing Certificate?
2- What error will be seen and which log we can check in order to confirm if this is indeed a license issue?
3- Will the errors appear after the certificate expires, or only after the next restart?
4- Is there anything preventing the customers to implement the update in ODs that are not using the AES Connector Name Licensing Certificate? (in other words, should they only execute the update if the OD is using the AES Connector Name Licensing Certificate?)
5- Is there a command we can execute to check if the certificate has the new date (using openssl, keytool or similar) and what response should the customer expect? <-- just noticed that this is answered in OldSeb reply above
6- Is there a file that informs the OD version?

Kind regards,

This message was edited 3 times. Last update was at 04/06/2018 12:28:43

AlexDevConnect



Joined: 05/06/2018 10:02:59
Messages: 1
Offline

You can view the the validity of the certificate:
keytool -list -v -keystore vpcticonnector.jks
No Password (Enter)

Alias name: mykey
Creation date: Nov 21, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=VP_001
Issuer: CN=Avaya HDTG Product Root, OU=HDTG, O=Avaya Inc., C=US
Serial number: 300ee3a8749c4859
Valid from: Tue Nov 21 10:19:16 EET 2017 until: Tue Aug 23 17:29:49 EEST 2022

This message was edited 2 times. Last update was at 05/06/2018 10:35:28

BrunoTapette



Joined: 04/06/2018 10:51:20
Messages: 2
Offline

Thank you very much!

Team,

Any answer to the other questions?

1- How do we check if the OD is using the AES Connector Name Licensing Certificate?
2- What error will be seen and which log we can check in order to confirm if this is indeed a license issue?
3- Will the errors appear after the certificate expires, or only after the next restart?
4- Is there anything preventing the customers to implement the update in ODs that are not using the AES Connector Name Licensing Certificate? (in other words, should they only execute the update if the OD is using the AES Connector Name Licensing Certificate?)
6- Is there a file that informs the OD version?
MagdalenaCenteno



Joined: 06/01/2014 16:07:15
Messages: 1
Offline

Can you please confirm that these actions should only be taken if the customers are using CSTA-S (secured links) t-links?
JOHN-JHENG



Joined: 26/05/2015 22:48:30
Messages: 25
Offline

Hello,

I updata the vpcticonnector.jks,but it is show the WARN.

13/07/2018 23:45:53:604 DEBUG - CTIConnectorManager.initProvider: setup named licensing.
13/07/2018 23:45:53:648 WARN - CTIConnectorManager.initProvider: problem with requestPrivileges; the version of AES may not support Namm [23;1Hed Licensing. (Exception - com.avaya.jtapi.tsapi.TsapiPlatformException: requestPrivileges failure: com.avaya.jtapi.tsapi.TsapiPlatformEE [24;1Hxception: ACS Error: 120)

Thanks fo help.
 
 
Go to: