Trust management

Last Updated : Apr 25, 2023 |

Multiple Trust Stores exist on Avaya Breeze® platform. Each Trust Store contains a set of CA certificates that are trusted by a given service. The following table describes them.

Store type

Purpose

Protocol

SECURITY_MODULE_HTTP

Used for validating client identity certificates on secure HTTP connections from SIP Endpoints (Hardphones, Softphones, etc.). The endpoints use this HTTP connection for PPM protocol.

HTTPS

SECURITY_MODULE_SIP

Used for validating identity certificates for SIP TLS connections between Avaya Breeze® platform and external devices (e.g. Communication Manager, SBC, SIP Endpoints, etc.)

SIP

WEBSPHERE

Used by the WebSphere SIP container for validating the identity certificate of the Security Module

This store should only contain the CA certificate that signed the Security Module SIP identity certificate. This store is not used to validate any identity certificate presented by an external TLS connection.

SIP

SPIRIT

Used by the Spirit Agent to validate the identity certificate

HTTPS

MGMT_JBOSS

Used for validating the identity certificates of System Manager for management (RMI/JMX, DRS replication, etc.)

JMX, RMI, HTTPS

CLUSTER_DB

Used for validating the Cluster DB certificates

DB

POSTGRES

Used for validating the POSTGRES DB certificates

DB

AUTHORIZATION_SERVICE

Used for validating the Authorization service certificates

AS
Related information
Certificate management
Viewing trusted CA certificates
Adding trusted CA certificates
Removing trusted CA certificates
Exporting an Avaya Breeze platform certificate
Exporting the System Manager root CA certificate