Configuring third-party identity certificates for System Manager

Last Updated : Jun 10, 2026 |

About this task

In an Avaya Aura® deployment, you can use identity certificates signed by a third-party CA for Avaya Aura® Device Services. If you use certificates signed by a third-party CA, ensure that System Manager also uses an identity certificate signed by the same third-party CA. If System Manager does not have this certificate, Avaya Aura® Device Services installation will fail.

The third-party CA identity certificate for System Manager must meet the following requirements:

  • The certificate format is PKCS12.

  • The Common Name attribute is the System Manager virtual FQDN.

For more information about configuring identity certificates on System Manager, see Managing identity certificates in Administering Avaya Aura® System Manager.

Before you begin

Obtain an identity certificate for System Manager from the third-party CA. For more information about obtaining identity certificates, see the documentation for your third-party CA.

Procedure

  1. Log in to the System Manager web console.
  2. On the System Manager web console, click Services > Inventory > Manage Elements.
  3. On the Manage Elements page, select System Manager and click More Actions > Manage Identity Certificates.
  4. On the Manage Identity Certificates page, select container_tls and replace the existing certificate with the identity certificate for System Manager you obtained in step 1.
  5. To reboot System Manager and apply the changes, do the following:
    1. On the System Manager web console, click Services > Shutdown > Shutdown System Manager.
    2. In Initiate Reboot, click Reboot System Manager.
    3. In the confirmation window, click Yes.
Related information
Certificates required for an Avaya Aura environment