Plantronics + Polycom. Now together as Poly Logo

Certificate issue with DMA 7000

jgm2003
Occasional Visitor

Certificate issue with DMA 7000

My DMA 7000 had an expired Server SSL certificate.  In updating it, we removed what we believed to be some outdated certs.  Well, we're now locked out of our DMA 7000.  Accessing the Web UI gives us the "There is a problem with this website's security certificate" error and does NOT allow us to continue to the DMA 7000.  We haven't found a way around the error.  We plugged directly into the console, hoping we may be able to do something there, but it just gives us a login and nothing seems to work.  We contacted Polycom support and they basically told us we would have to restore the DMA 7000 to factory settings.  I have a hard time believing that.  I found an article about the CMA 5000 for this exact problem and how to resolve it, so I'm hoping there is a similar solution for the DMA 7000.  I need a way to remote into the DMA 7000, and then add certificates or restore default certificates.  Anyone have an idea how?  Can I do something via the console?  Can I SSH or RDP into it?  If I truly need to wipe the system, then I'll probably just update to the newest version and rebuild from scratch.  Thanks!

Message 1 of 7
6 REPLIES 6
CurtisBona
Advisor

Re: Certificate issue with DMA 7000

I had a similar problem last year and was told by a Polycom rep that the only way to get remote access was to factory reset the DMA.  Before doing this, though, I would seriously consider contacting your Polycom rep to confirm!!  Surely Polycom can figure out a less confusing way to manage certificates....

 

Message 2 of 7
SteffenBaierUK
Polycom Employee & Community Manager

Re: Certificate issue with DMA 7000

Hello all,

welcome to the Polycom Community.

Certificates are all about security and if our Support team had already advised of the correct next steps then these should be followed up.

 

Please work with your Polycom reseller and/or Polycom support directly if any further assistance is required.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

----------------
The title Polycom Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. All posts and words are my own & do not represent the views of Employer.

----------------

Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your proper support channels.
Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's
Message 3 of 7
simons
Polycom Employee

Re: Certificate issue with DMA 7000

JGM,

 

I would have gotten this case escalated as you are right. As long as we have SSH access, then we should be able to copy over a default certificate store in order to get you up and running. I had to do someting similar with an RPAD installation because the RPAD does not have a reset cert button (at the time) like the CMA does. 

 

Since the DMA is an applicance, there is little I can do on these public forums. If the DMA password was given, for example, you would have access to all of the DMAs which have public access. This represents a security flaw which we are slowly addressing. 

 

if going through the escalation process is long and drawn out, then a reimage might make more sense since the available upgrade includes a reimage anyway.

 

S.

Message 4 of 7
helprequired1
Frequent Visitor

Re: Certificate issue with DMA 7000

Hello,

 

We have similar issue, polycom support informed that the certificate chain is broken and the option they suggest is to reimage or escalte to tier3..... just saw your posts and this are pretty old...polycom have not figured out anything for this issue in mean time ?

 

Regards,

San.

 

Message 5 of 7
SteffenBaierUK
Polycom Employee & Community Manager

Re: Certificate issue with DMA 7000

Hello San,

welcome to the Polycom Community.

The trouble is that people for whatever reason chose not to involve our Support Organisation basically depriving themselves and others of ever finding a solution.

 

We can therefore only guess the root cause and troubleshooting would require an official ticket.

Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

Polycom Global Services

----------------
The title Polycom Employee & Community Manager is a community setting and does not reflect my role. I am just a simple volunteer in the community like everybody else. All posts and words are my own & do not represent the views of Employer.

----------------

Notice: This community forum is not an official Poly support resource, thus responses from Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge. If you need immediate and/or official assistance please open a service ticket through your proper support channels.
Please also ensure you always check the VoIP , Video Endpoint , Skype for Business , PSTN or RPM FAQ's
Message 6 of 7
MikeB
Polycom Employee

Re: Certificate issue with DMA 7000

What browser are you using? Different browsers behave differently when it comes to certificate validation. Chrome is the most stringent but IE 11 isn't far behind. Firefox appears to be the most lenient. It will at least give you the option to continue after it has warned you about a certificate problem.

 

 

Michael K. Bromley, CVE, CCENT, WCNA, VCA-DCV
Technical Lead
Infrastructure Technical Support Center
Message 7 of 7