All server components of Avaya Contact Center – Extended Capacity require identity and trusted Certificate Authority (CA) root certificates for establishing a secure TLS connection, client and server authentication. The trusted CA signs the identity certificates. The system administrator must import all certificates into the contact center truststore.

The administrator must install the certificates for the contact center components that use a TLS connection, including the Routing Core Server, Configuration Server, Application Enablement Services interface, and the Call Management System interface. Data centers in the same High Availability group and contact center endpoints also use a TLS connection and require the trusted CA root certificate.

Avaya Contact Center – Extended Capacity supports certificate revocation. CAs keep track of SSL certificates. After the CA revokes an SSL certificate, the CA retrieves the certificate serial number and adds it to the certificate revocation list.

For more information about certificate installation and revocation, see the certificate installation section in Deploying Avaya Contact Center – Extended Capacity.