Https Server Certificate Validation - Mitel 6867i Administrator's Manual
6800 series
Hide thumbs
Also See for 6867i:
- User manual (235 pages) ,
- Training manual (29 pages) ,
- Installation manual (24 pages)
Table of Contents
Advertisement
Mitel 6800 Series SIP Phone Release 4.2.0 Administrator Guide
•
TLS 1.0
•
SSL 3.0
3. Enable HTTP to HTTPS redirect by checking the HTTPS Server - Redirect HTTP to
HTTPS field check box. (Disable this field by unchecking the check box). Default is disabled.
4. Enable the blocking of XML HTTP POSTs by the HTTPS server by checking the HTTPS
Server - Block XML HTTP POSTs field check box. (Disable this field by unchecking the
check box). Default is disabled.
5. Click Save Settings to save your settings.
HTTPS LOCAL CERTIFICATE SUPPORT/MUTUAL AUTHENTICATION
The 6800 series IP phones provide a built-in common 2048-bit HTTPs certificate allowing for
mutual authentication between the HTTPs server and the phones during an HTTPs session.
The certificate can be used for file download processes (e.g. configuration file download for
secure provisioning) and for HTTPs/XML requests. Please go to
the client certificate.
HTTPS SERVER CERTIFICATE VALIDATION
The HTTPS client on the IP Phones support validation of HTTPS certificates. This feature
supports the following:
•
Comodo (EssentialSSL and 4096-bit RSA), CyberTrust, DigiCert, Entrust, GoDaddy, Geo-
Trust, Mitel MiVoice Border Gateway (MBG), Symantec (Class 3 Secure Server CA - G4),
Thawte, TrustZone, or Verisign signed certificates
•
User-provided certificates
•
Checking of hostnames
•
SSL Wildcard certificate (i.e. SSL certificate specifying the Common Name as a wildcard
[e.g. CN=*.company.com]) support.
•
Checking of certificate expiration
•
Ability to disable any or all of the validation steps
•
Phone displays a message when a certificate is rejected (except on check-sync operations)
All validation options are enabled by default.
Certificate Management
Mitel Provided Certificates
The phones come with root certificates from Comodo (EssentialSSL and 4096-bit RSA),
CyberTrust, DigiCert, Entrust, GoDaddy, GeoTrust, Mitel MBG, Symantec (Class 3 Secure
Server CA - G4), Thawte, TrustZone, or Verisign pre-loaded.
User Provided Certificates
The administrator has the option to upload their own certificates onto the phone. The phone
downloads these certificates in a file of .PEM format during boot time after configuration
4-37
www.miteldocs.com
to obtain
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
