Identity Certificates - Avaya J129 Installing And Administering

Hide thumbs Also See for J129:

Installing and administering (114 pages)

Instructions manual (70 pages)

User manual (61 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

Table of Contents

Security

Identity certificates

Identity certificates are the endpoint or Server certificates. To share the identity, a public key is

presented for identification. X509v3 compliant certificates are supported. Secure communications

that use Transport Layer Security (TLS) or use certificates for authentication purposes are

supported to participate in a Public Key Infrastructure (PKI). The following mechanisms are

supported for installation:

• Certificate enrollment: Creates a private key and Certificate Signing Request (CSR). CSR is

sent to the Certificate Authority (CA) using manual or automatic Simple Certificate Enrollment

Protocol (SCEP) interface. Certificate is validated and accepted when CA signs the CSR.

• Importing Key and Certificate: Uses an encrypted PKCS #12 file format to import both the

private key and the corresponding certificate.

You can view the following attributes of the certificate using an SNMP MIB browser:

• Serial Number

• Subject Name

• Issuer Name

• Validity Period:notBefore and notAfter dates

• Thumbprint: Hash of the certificate

• Basic Contraints

• Subject Alternative Name

• Key Usage Extensions

• Extended Key Usage

To validate identity of a received certificate, the following process is followed:

• Verification of certificate chain up to the trusted entity.

• Verification of the signature.

• Verification of the revocation status through OCSP.

• Verification of the certification validity (not-before and not-after dates are checked).

• Verification of the certificate usage restrictions.

• Verification of the identity against the certificate.

Subject Alternative Field (SAN)

SAN field simplify server configuration. With SAN field, you can specify additional host names such

as, IP addresses or common names, to use a single SSL Certificate. While validating the

certificates, the phone verifies whether the presented certificate has a SAN field or not.

• If the certificate does not have the SAN field, the phone validates the Common Name (CN)

fields of the certificate. In this case, you need the following CN fields:

- SIP domain name

- IP address

September 2017

Installing and Administering Avaya J129 IP Phone

Comments on this document? infodev@avaya.com

Table of Contents

Show Quick Links

Quick Links:
Administration Methods
Dhcp Options
Accessing the Admin Menu During Phone...

Hide quick links:

Table of Contents

Identity Certificates - Avaya J129 Installing And Administering

Identity certificates

Hide quick links:

Related Manuals for Avaya J129

Related Content for Avaya J129

Table of Contents