• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
The HP Community is where owners of HP products, like you, volunteer to help each other find solutions.
HP Recommended

Good afternoon,

 

I've a new RMX 2000 deployment, as an upgrade from the MGC 500 and am having a series of issues regarding certificates.

Basically when trying to send them in the section regarding "SIP Servers" it accepts them and then asks to reboot the system, that is promptly done. Once rebooted, though, the certificate option is set on TLS > CSR, differently from my request: TLS >  PEM/PFX.
A similar issue happens when trying to load directly the CA chain on the certificate repository. the error message I get is "upload failed" (or something similar). I've tried with all types of certificates (DER, Base 64, Chain and non, etc) but always get errors.
What am I missing? It must be something stupid...

Having maybe a messed up repository I decided to connect to the RMX 2000 via serial to see what is actually stored and not seen, but when connecting it asks me a user name/password that does not corrispond to those created under the user list on the RMX itself (the ones that you can see from the web/java interface). I've also tried POLYCOM/POLYCOM that does not work and I'm totally out of ideas. Ideas on which credentials to use?

 

Thanks for every suggestion, I'm gong crazy.

 

Regards,

 Sasa

 

6 REPLIES 6
HP Recommended

Hi

 

Check out my step by step guide here and check out the Certificates section.

 

http://bit.ly/w8U5TI

HP Recommended

Hi Graham,

 

thank you for your reply. Your documentation was the one we followed step by step and I wanted to thank you for having created it.
Unluckily though it seems that the RMX 2000 is having issues in uploading/accepting our certificates created in that maner (in any maner as it seems now) and we are woundering if it is an RMX secutiry configuration somewhere.

 

Any help is more than welcome.

 

Thanks once again,

 

Sasa

HP Recommended

Sasa,

 

The first issue you mention, about the certificate method dropdown changing back to CSR after reboot, is completely normal. That is just the way that screen displays, regardless of what method you used to upload the certificates. It sounds like the RMX actually accepted the first certificate you loaded. If the RMX does not accept a cert, it doesn't prompt you to reboot. It just immediately pops up a window that says "Failed to load SSL certificate."

 

The other issue you mention with regards to the certificate repository does not have anything to do with Lync. The certificate repository stuff under Admin -> RMX Secured Communication is used for HTTPS management of the bridge and has nothing to do with Lync integration. You do not need to upload a CRL and Root CA for the Lync integration, only the RMX server certificate.

 

The one caveat when loading certificates using the PFX method is that if you use a PFX file with no password, and you do not include a password file, the RMX will assume the password is "polycom." So make sure that you include a password file even if the pfx is not password protected.

HP Recommended

Hi Alki,

 

thank you for your prompt reply and time.

I uploaded the .pfx file (with the CA chain included) and the certPassword.txt file, and then am prompted to restart.

How can I view that the certificate has actually been uploaded? Can I see it in a repository somewhere?

I went on the  certificate repository for two reasons:

- I wanted to see if the certificate was present (I was hoping I could see it from there). Is there any way to do so?
- I wanted to upload the CA Chain as a single separate certificate, as our CA is a local CA not present in the trusted public CA list used by the RMX 2000

Having performed the upload and reboot I could not connect with my lync. On my frontend side I had an "activily refused connection" from the RMX.

Thank you one again for your time,

 

Sasa

HP Recommended

Hi, i am having a similar issue. my RMX in not allowing me to upload the certPassword file. it just hangs and does not give me a successfull message.

 

the error message i get is SIP TLS: No response from Registration server (cs id 3)

 

software version 7.6.1.136

 

to view the certs loaded:

*how do i enable SSH to connect to the RMX?

*what IP do i use to connect on port 22?

HP Recommended

@zaheer wrote:

 

 

to view the certs loaded:

*how do i enable SSH to connect to the RMX?

*what IP do i use to connect on port 22?


Hello zaheer,

welcome to the Polycom Community.

I am quite sure only Polycom employees access the SSH connectivity. I would suggest you contact your Polycom reseller to raise a ticket.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

------------------------------------------------
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.

Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.