409 - Enable Scripting or Automation for Certificate Renewals on Avaya Applications
Eric Wainz
Due to recent changes introduced by the CA/Browser Forum (Ballot SC081v3), certificate validity periods are being significantly reduced. (200 days next year, 100 days in 2027 and 47 days in 2029). While I know this is restriction for publicly signed certificates I have a lot of customers that use what is the "industry standard" for the internally signed certificates also. So please provide functionality that allows scripting or automation of certificate renewal and deployment within Avaya platforms. By either API or CLI or some other automated way.
IAUG
Submitted to Avaya, 12/2/2025
RC
Thanks for referencing the CAB Forum! They are responsible for these changes and always provide the source document to the rumors.
I fully support this idea -- all the Aura products need to have some way to manually handle certificates.
I'm hoping using a single API per server we can authenticate using either a key or known credentials within the server. We then need the ability to query/replace/generate a CSR for- each ID cert and trust store for each service within the system. Being able to access this via a RESTful API would be very convenient and fit many existing automation options for certificates.