Starting with Avaya Aura® release 10.1, Communication Manager (CM) requires a valid identity certificate for secure communications. The system provides flexibility to align with diverse enterprise security policies. Administrators can either use the Avaya Aura® System Manager as a Certificate Authority (CA) to generate and sign the CM identity certificate or import a certificate signed by a trusted third-party CA. This dual support ensures that CM can integrate seamlessly into environments with an existing Public Key Infrastructure (PKI) or use the built-in Avaya security framework.

B. This is incorrect. While using a System Manager-signed certificate is a valid option, Communication Manager is not restricted to it and fully supports certificates from third-party CAs.

C. This is incorrect. The validity period of an identity certificate is determined by the issuing Certificate Authority's policy and is not fixed at one year for Communication Manager.

D. This is incorrect. Communication Manager is not limited to only third-party certificates; it also fully supports the use of identity certificates signed by the Avaya Aura® System Manager.

1. Avaya Aura® Communication Manager Documentation Library, Release 10.1, "Administering Avaya Aura® Communication Manager", January 2023.

Section: Security > Managing certificates

Content: The documentation explicitly states, "Communication Manager uses identity certificates to establish its identity to other entities. You can use either a System Manager-signed certificate or a third-party CA-signed certificate." This directly supports the correctness of option A and refutes options B and D.

2. Avaya Aura® System Manager Documentation Library, Release 10.1, "Administering Avaya Aura® System Manager", January 2023.

Section: Security > Certificate Authority > Configuring the Certificate Authority

Content: This document details the configuration of System Manager's internal CA, including the default certificate validity period, which is 730 days (2 years), not 1 year. This refutes the claim made in option C.

3. Avaya Aura® Solution Description, Release 10.1, "Avaya Aura® Overview and Specification", January 2023.

Section: Security Architecture > Certificate Management

Content: This document outlines the overall security architecture for Avaya Aura®, emphasizing the requirement for PKI integration and support for both internal (System Manager) and external (third-party) Certificate Authorities for core components like Communication Manager.