300-810 · Question #167
A jabber user reports that they receive pop-up windows warring about untrusted certificates when they attempt to log in to jabber without receiving the certificate warnings. Which two actions resolve
The correct answer is A. Add the certificates to the client machine's local certificate store or keychain D. Replace self-signed certificates with certificates signed by a CA. Jabber validates the SSL/TLS certificates of every server it connects to (CUCM, CUP, voicemail, etc.). Untrusted certificate warnings occur when those certificates are self-signed or issued by a CA that the client machine does not trust. Two valid resolutions are: (A) Add the cer
Question
A jabber user reports that they receive pop-up windows warring about untrusted certificates when they attempt to log in to jabber without receiving the certificate warnings. Which two actions resolve this issue? (Choose two.)
Options
- AAdd the certificates to the client machine's local certificate store or keychain
- BReinstall the Jabber client using the /quiet option
- CConfigure Jabber with the INVALID_CERTIFICATE_BEHAVIOR option set to
- DReplace self-signed certificates with certificates signed by a CA
- EMove the user to a different Presence Redundancy Group
How the community answered
(24 responses)- A79% (19)
- B4% (1)
- C4% (1)
- E13% (3)
Explanation
Jabber validates the SSL/TLS certificates of every server it connects to (CUCM, CUP, voicemail, etc.). Untrusted certificate warnings occur when those certificates are self-signed or issued by a CA that the client machine does not trust. Two valid resolutions are: (A) Add the certificates (or the root/intermediate CA certificate) to the client machine's local certificate store (Windows Certificate Store) or macOS Keychain - this makes the OS trust them, and Jabber will stop warning; and (D) Replace self-signed certificates with certificates signed by a well-known, publicly trusted CA whose root certificate is already in the OS trust store. Reinstalling Jabber or moving the user to a different Presence Redundancy Group does not address the trust chain problem.
Topics
Community Discussion
No community discussion yet for this question.