Multiple Trust Stores exist on Session Manager. Every Trust Store contains a set of CA certificates trusted by a given service. The following table describes the CA certificates trusted by each type of Trust Store:
Store type |
Purpose |
Protocol |
Notes |
SECURITY_MODULE_HTTP |
Validates client identity certificates on secure HTTP connections from SIP Endpoints such as Hardphones and Softphones. The endpoints use the HTTP connection for PPM protocol. |
HTTPS |
|
SECURITY_MODULE_SIP |
Validates identity certificates for SIP TLS connections between Session Manager and external devices such as Communication Manager, Avaya SBC, and SIP Endpoints. |
SIP |
|
WEBSPHERE |
Used by the WebSphere SIP container to validate the identity certificate of the Security Module. |
SIP |
The store must contain the Security Module SIP identity certificate signed by the CA certificate. The store does not validate any identity certificate presented by an external TLS connection. |
SAL_AGENT |
Used by the Spirit Agent to validate the identity certificate of TODO. |
HTTPS |
|
MGMT_JBOSS |
Validates the identity certificates of System Manager for management such as RMI/JMX, and DRS replication. |
JMX, RMI, HTTPS |
|
