Approach 1: PKI Trust Domain based on Primary or Linux Application Server root CA

Last Updated : Apr 14, 2022 |

This option allows identity certificates to be generated using the root CA certificate of the server.

Relative advantages include:

  • Cost over a commercial CA.

  • Control of the CA is internal.

  • Certificate content format compatible with other Avaya components.

  • The certificate policy is flexible and not subject to commercial considerations.

  • The trust relationships do not extend outside of the deployment – that is, it remains a private domain.

Relative disadvantages include:

  • The root CA certificate is untrusted by 3rd parties and other IP Office components and therefore needs to be distributed.

  • The certificate creation and distribution process is manual.