Installing Certificates - Polycom HDX 4000 Series Administrator's Manual

Polycom, Inc.
Artisan Technology Group - Quality Instrumentation ... Guaranteed | (888) 88-SOURCE | www.artisantg.com
When creating CSRs, the client and server CSRs must contain at least one field
that is different between the two. Polycom recommends using either the
Organization Unit (OU) field or the Organization (O) field for this purpose. For
example, for either field of a client CSR, use <company_name>_client and use
<company_name>_server for either field of a server CSR.
Also, only a single outstanding CSR of either type can exist at a time. After the CSR
is generated, it is important to get it signed and installed before attempting to
generate a different CSR of the same type. For example, if you generate a client
CSR and then, prior to having it signed and installed on the HDX system, another
client CSR is generated, the previous CSR is discarded and invalidated, and any
attempt to install a signed version of it will result in an error.

Installing Certificates

After you have downloaded a CSR and it has been signed by a CA, the
resulting certificate is ready to install on the HDX system. The following
section outlines how to do this, and the procedure is the same for installing the
client certificate, the server certificate, and any required CA-type certificates.
To add a signed certificate on the Certificates page:
Next to Add a Certificate, click Browse to search for and select a
1
certificate. You might be installing a client or server certificate that has
been signed by a CA after having been previously generated as a CSR, or
installing a CA certificate needed by the HDX system to validate a
certificate it receives from another system.
Click Open.
2
This dismisses the Browse pop-up and returns you to the main
Certificates page.
Click Add.
3
The system checks the certificate data and adds it to the list. If you don't
see the certificate in the list, the system was unable to recognize the
certificate. This process is sometimes referred to as installing a certificate.
You can select a certificate in the list to view its contents. Click Close when you
are done viewing the certificate. You can also remove a certificate from the list
by clicking Remove.
When you add a CA certificate to the HDX system, the certificate becomes
trusted for the purpose of validating peer certificates.
If you do not add a signed server certificate for the HDX system, you might receive
error messages from your browser stating that the security certificate for the web
site "Polycom" cannot be verified. Most browsers allow the user to proceed after
this warning is displayed. See the Help section of your browser for instructions
about how to do this.
Security
8–25