Manualshelf

Installation guide

ManualsBrandsAcano ManualsComputer equipmentSolution
11121314151617181920
Creating and Installing Certificates
Acano solution: Deployment Guide R1.2 76-1006-06-K
Page 18
Note: The command pki inspect <filename> - inspects the file <filename> and shows
whether it is a private key, a certificate, a CSR or other file type. In the case of certificates,
various details are displayed. If you do not see the files that you are expecting, use this
command.
3.3 Installing the Call Bridge Certificate for TLS
The Call Bridge needs a key and certificate pair that is used to establish TLS connections with
SIP call control devices and with the Lync Front End server.
If you are using Lync, this certificate will need to be trusted by the Lync Front End Server; the
best way to achieve this is to sign the certificate on the CA (Certification Authority) server that
has issued the certificates for the Lync Front End Server.
Two files must be installed on the MMP of the Acano solution:
A private key for example in PEM format called privkey.pem
A signed certificate, for example also in PEM format, called cacert.pem.
If you are intending to use self-signed certificates for testing, use the pki selfsigned
command mentioned above. If you are intending to generate a private key and CSR use steps 2
to 4 inclusive in the next section to create these files and then upload the certificate.
3.4 Installing the XMPP Certificate and License
The XMPP server is used by the Acano clients. If you are testing the Acano clients follow the
steps below. You will also need to set the network interface for the XMPP in section 4.7.
Note: If you are not using the Acano clients including the WebRTC Client, skip this section.
1. Create DNS A and SRV records for the Acano solution.
Create DNS A record for the fully qualified domain name (FQDN) of the Acano solution
that will be used to host the XMPP Server and set it to the IP Address of Interface A.
Create DNS SRV record for _xmpp-server._tcp for port 5269 pointing to the DNS A
record created above.
Create DNS SRV record for _xmpp-client._tcp for port 5222 pointing to the DNS A
record created above.
Test the above with the following commands:
nslookup -querytype=srv _xmpp-server._tcp.example.com
nslookup -querytype=srv _xmpp-client._tcp.example.com
Note: From R1.2 you can configure the DNS resolver(s) to return values which are not
configured in external DNS servers or which need to be overridden; custom Resource
Records (RRs) can be configured which will be returned instead of querying external DNS
servers. See the MMP Command Reference for details.