Product Support Notice
© 2012 Avaya Inc. All Rights Reserved.
PSN # PSN003627u
Original publication date: 24-Apr-12. This is Issue #01, published date:
Severity/risk level Low
Urgency When convenient
24-Apr-12.
Name of problem CMS Supervisor Web: Microsoft Internet Explorer displays security warning when the CMS Supervisor Web
page is loaded in a new browser window.
Products affected
Call Management System (CMS): Release: CMS Supervisor Web – all versions are affected. First released with R16.3 CMS.
Problem description
Microsoft Internet Explorer displays a security warning every time the CMS Supervisor Web page is loaded in a new browser window
(A). Also, once the CMS Supervisor Web application is loaded, a pink certificate error persists (B).
CN value in cmsweb.jks differs from the server URL value resulting in a security warning
If the CN value in the CMS server cmsweb.jks file differs from the server URL value, Microsoft Internet Explorer may generate a
security warning every time CMS Supervisor Web is accessed from a new browser window.
In this example, finch.dr.avaya.com is the server URL value:
A) Certificate error
A certificate error message is displayed and the entire URL line remains pink.
Resolution
A) CN value in cmsweb.jks differs from the server URL value resulting in a certificate warning.
Login to the CMS server with the root login ID and follow these steps to clear:
1) Go to the /opt/cmsweb/cert directory on the CMS:
# cd /opt/cmsweb/cert
2) Enter the following command and check the URL/Common Name (CN) value.
# /opt/cmsweb/bin/showcrt.sh
URL/Common Name: finch
#
3) If the CN value does not match the server URL entered by users when accessing the CMS Supervisor Web interface,
update the CN value with this command:
# /opt/cmsweb/bin/chgcrt.sh
Please enter the URL (default: finch):
finch.dr.avaya.com
#
In the example above, finch is the CN value in the current cmsweb.jks file. However, users are accessing the server with
the fully qualified domain name finch.dr.avaya.com. Therefore, the CN value should be updated to finch.dr.avaya.com.
© 2012 Avaya Inc. All Rights Reserved.
Page 2
4) Verify the change:
# /opt/cmsweb/bin/showcrt.sh
URL/Common Name: finch.dr.avaya.com
#
5) Stop cmsweb
# cmsweb stop
6) Start cmsweb
# cmsweb start
B) Pink URL Certificate Error
Install Certificate in Internet Explorer
Click on the Certificate Error tab and the “Untrusted Certificate” screen is displayed.
The bottom of the “Untrusted Certificate” window has a link named “View certificates”
Click on the “View certificates” link and the “Certificate” screen is displayed:
Click on the “Install Certificate” button
© 2012 Avaya Inc. All Rights Reserved.
Page 3
The “Welcome to the Certificate Import Wizard” screen is displayed.
Click the Next button and the “Certificate Store” screen is displayed.
Click the radial button for “Automatically place the certificate store based on the type of certificate”
Click the Next button and the “Completing the Certificate Import Wizard” screen is displayed.
© 2012 Avaya Inc. All Rights Reserved.
Page 4
Click the Finish button and a “Security Warning” screen is displayed.
Click Yes, to install the certificate
Click OK to close the Certificate Import Wizard window.
Close the browser.
© 2012 Avaya Inc. All Rights Reserved.
Page 5
Verify the changes
Open a browser and select Tools | Internet Options
Click on the Content tab
Click on Certificates under the Certificates section.
Click on the Trusted Root Certification Authorities tab
Scroll through the list to verify your certificate name is listed
© 2012 Avaya Inc. All Rights Reserved.
Page 6
Click on Close to close the Certificates window
Workaround or alternative remediation
Remarks
n/a
Patch Notes
The information in this section concerns the patch, if any, recommended in the Resolution above.
n/a
Download
n/a
Patch install instructions
n/a
Verification
n/a
Failure
n/a
Patch uninstall instructions
n/a
Service-interrupting?
No
Security Notes
The information in this section concerns the security risk, if any, represented by the topic of this PSN.
© 2012 Avaya Inc. All Rights Reserved.
Page 7
Security risks
n/a
Avaya Security Vulnerability Classification
Not Susceptible
Mitigation
n/a
For additional support, contact your Authorized Service Provider. Depending on your coverage entitlements, additional
support may incur charges. Support is provided per your warranty or service contract terms unless otherwise specified.
Avaya Support Contact
Telephone
U.S. Remote Technical Services – Enterprise
U.S. Remote Technical Services – Small Medium Enterprise
U.S. Remote Technical Services – BusinessPartners for Enterprise Product
BusinessPartners for Small Medium Product
Canada
Caribbean and Latin America
Europe, Middle East, and Africa
Asia Pacific
800-242-2121
800-628-2888
877-295-0099
Please contact your distributor.
800-387-4268
786-331-0860
36-1238-8334
65-6872-8686
Disclaimer: ALL INFORMATION IS BELIEVED TO BE CORRECT AT THE TIME OF PUBLICATION AND IS PROVIDED “AS IS”.
AVAYA INC., ON BEHALF OF ITSELF AND ITS SUBSIDIARIES AND AFFILIATES (HEREINAFTER COLLECTIVELY REFERRED TO
AS “AVAYA”), DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND FURTHERMORE, AVAYA MAKES NO REPRESENTATIONS
OR WARRANTIES THAT THE STEPS RECOMMENDED WILL ELIMINATE SECURITY OR VIRUS THREATS TO CUSTOMERS’
SYSTEMS. IN NO EVENT SHALL AVAYA BE LIABLE FOR ANY DAMAGES WHATSOEVER ARISING OUT OF OR IN CONNECTION
WITH THE INFORMATION OR RECOMMENDED ACTIONS PROVIDED HEREIN, INCLUDING DIRECT, INDIRECT, CONSEQUENTIAL
DAMAGES, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF AVAYA HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
THE INFORMATION PROVIDED HERE DOES NOT AFFECT THE SUPPORT AGREEMENTS IN PLACE FOR AVAYA PRODUCTS.
SUPPORT FOR AVAYA PRODUCTS CONTINUES TO BE EXECUTED AS PER EXISTING AGREEMENTS WITH AVAYA.
All trademarks identified by ® or TM are registered trademarks or trademarks, respectively, of Avaya Inc.
All other trademarks are the property of their respective owners.
© 2012 Avaya Inc. All Rights Reserved.
Page 8