Default root certificate on Video Manager expires in one year

The default root certificate on the Sametime® Video Manager expires in one year. Calls that are placed after the certificate expires will fail and users will see the following message: Dial Failure : AVKCS2200E: Failure Response 503.

About this task

The Video Manager certificate is imported to the Sametime System Console for SSL communications between the Sametime Conference Manager and the Sametime Video Manager, and between the System Console and the Video Manager.

The expired certificate is renewed automatically by WebSphere® Application Server; importing the renewed certificate to the Sametime System Console resolves the issue. But the renewed certificate also expires in one year.

To avoid the need for annual renewal, complete this procedure to create a certificate that expires in 15 years.

Procedure

  1. On the Sametime Video Manager, log in to the WebSphere Integrated Solutions Console as the WebSphere administrator.
  2. Click SSL certificate and key management > Key stores and certificates > NodeVMGRKeyStore > Personal certificates.
  3. Click Import.
  4. On the "Import" page, complete these fields:
    • Key store: NodeDefaultKeyStore
    • Key store password: WebAS (this is the default password)
    • Certificate alias to import: default
    • Imported certificate alias: default
  5. Click OK.
  6. In the navigation tree, click SSL certificate and key management > Key stores and certificates > NodeVMGRKeyStore > Personal certificates.
  7. Select the certificate with the "appserver" alias, and click Replace.
  8. On the "Replace" page, complete the following details:
    • Replace With: default
    • Select both the Delete options.
  9. Click OK.
  10. Restart the Video Manager.
  11. Exchange the new certificate with each of the other Video Manager servers, as explained in Exchanging certificates between nodes in a Video Manager cluster.
  12. Restart the Sametime Conference Manager.