When I enable SSL for the IIS server on the Unity server, I observe several problems:
1. The Status Monitor (/Web/SM) does not connect to the server when I connect with https. The only button that works is Help. With http, it works as expected.
2. when I launch either Admin or Monitor from the system tray, the connection is http, not https, and the URL contains only the host name, not the FQDN (causing a warning that the site name != cert name).
the bug CSCdz36717 doesn't describe what I'm seeing. The problem is not that the root cert isn't there -- it is. The problem is that the URL loaded by the tray does not contain the fully-qualified domain name AND that the tray launches the http, not https, URL (eg, the tray launches http://unityserver/web/sa where it should be launching https://unityserver.domain.com/web/sa). So there are 2 problems:
1) http vs https and
2) the hostname in place of the FQDN.
The FQDN doesn't matter with http, but it causes the security warning that the site name (hostname) doesn't match the cert name (FQDN).
CSCdz11456 doesn't describe what I'm seeing. While it is true that the start & stop buttons are greyed out, and that, yes, Unity could be stopped and started thru the tray icon, there's more to it than starting and stopping. The problem is that under https, SM doesn't connect, period. The bugmakes no reference to https so I don't know whether this is the same problem or not. But I cant do any of the other things I can normally do thru SM (check ports, reports, etc) when using https. So https pretty much is useless with 4.0.2 if I use SM for anything at all.
In the IIS manager, check your web site to see if there is an ISAPI filter installed called "unityflt". This filter is responsible for redirecting http requests to https (automatically correcting any URL's, such as the tray URL's). The filter requires that you have set your SA virtual directories to "require SSL" and restart the WWW services (to reload the filter). This is the quick overview, let me know if you need more detail.
If you don't see any filters at all, you'll want to make sure you are looking in the right place. In IIS manager, highlight the server (not the default web site) and right click properties. In the master properties box choose "WWW Service" and hit edit and look at the ISAPI tab. There should be four MS installed filters there (and with any luck, the unityflt as well).
The unityflt is installed with Unity, so if you still don't see the the filter we can check to see what happened (and get it installed).
I do have these filters (if I look in the right place) and restarting the server after enabling SSL seems to get the tray to work properly (maybe I didn't need to be that extreme, but it worked).
The problem now is that everytime I switch between SA pages, I get an alert that the new page has insecure parts. If I click yes, the page is displayed normally, but insecure. If I click no, I get an error, then it paints correctly and the connection is still secure.
And PCA can't connect at all. Complains it can't find the server. (like SM).
IntroductionCUCM Routing RulesDial String implementation PolicyCUCM Routing LogicSIP URI Call Routing Analysis+++ Case Study: 1 ++++++ Case Study: 2 +++Conclusion
Over the last few months, I have had the privilege of working on SI...
Are you getting this error “Installer User Interface Mode Not Supported. The installer cannot run in this UI mode. To specify the interface mode, use the -i command-line option, followed by the UI mode identifier. The value UI mode identifiers...