Improving security certificate management across all Aura solutions is a significant undertaking. Nevertheless, it continues to be reviewed within Avaya. Avaya is aware of this request, and the issue is regularly discussed with the IAUG Feature Request volunteer committee and other customers. Avaya would like to keep this request open, with more to come in early 2025 as the 10.3 release will be forthcoming then.

Avaya - can't you just add the free Let's Encrypt plug in and let it handle everything?

I think the management interface needs to take into consideration self-signed, internal CA's (i.e. Active Directory) as well as third party certs. In our environment we have all three types of certs because of the various sip endpoints we are connected to.

Feature in Aura 8.1.3 System Manager SCEP Enhancements to improve Cert Distribution to Endpoints. Provides improvement in this area Avaya will Present details at next planned meeting

I would like to add this - Avaya has the opportunity here to fix the complexity of PKI/Certificates and make it so the average IT person can see them at a glance AND know what needs to be done to renew certs. That is the real intent of this request - To try eliminate the complexities here since most of the telecom folks I have talked with over the years are still not comfortable about managing the Certificates on the Avaya platforms.

Better tools might include reporting across the entire collection of systems in the System Manager inventory broken down by certificate function (SIP, web etc) with upcoming expiration events called out in the System Manager Dashboard. Would help explain what is expiring and what will be affected.

FR# 25 - Sent to Avaya 4/24/20

Self signed is not the only option but I would agree on the management side. Better tools for validating.