Checklist for creating TLS server profiles for reverse proxy in a multiple FQDN deployment

Last Updated : Oct 15, 2020 |

No.

Task

Notes

1

Create certificate signing requests for each service FQDNs.

See Certificate setup.

Create one certificate for each FQDN used by services deployed in the solution, such as Avaya Meetings Server Management service, Web Collaboration Services, and Avaya Aura® Web Gateway/Portal. If you are using several Web Collaboration Services servers, you need to create a separate CSR for each Web Collaboration Services FQDN. Use the following options specific for this deployment model:

  • For Common Name, use the FQDN assigned to that service. For example: conferencing_management.company.com for Avaya Meetings Server Management service.

  • For Subject Alternative Name, use the global FQDN. For example: DNS:conferencing_management.company.com for Avaya Meetings Server Management service.

2

For each CSR, download and save created .KEY and .CSR files.

3

Send .CSR files to a public CA for signing.

4

Install the signed certificates and keys on the Avaya SBC.

See Installing a certificate and a key.

When installing certificates, use descriptive names. For example: conferencingManagementCert for the Avaya Meetings Server Management service certificate.

Note:

When installing a certificate, make sure that you use the corresponding key. Do not install keys of another certificates.

5

Create TLS server profiles using the installed certificates.

See Creating a TLS server profile.

When creating profiles, use certificates installed on the Avaya SBC in the previous step.

Provide a descriptive name for each profile. For example: conferenceMgmtTlsProfile for the Avaya Meetings Server Management service profile.
Related information
Reverse proxy configuration checklist for a multiple FQDN deployment