Configuring Certificate Validation Settings; Configuring Certificate Revocation Settings - Polycom HDX 4000 Series Administrator's Manual
Hide thumbs
Also See for HDX 4000 Series:
- Quick start manual (2 pages) ,
- User manual (49 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Administrator's Guide for Polycom HDX Systems
8–26
Artisan Technology Group - Quality Instrumentation ... Guaranteed | (888) 88-SOURCE | www.artisantg.com
Configuring Certificate Validation Settings
Certificates are authorized externally when they are signed by the CA. The
certificates can be automatically validated when they are used to establish an
authenticated network connection. To perform this validation, the HDX
system must have certificates installed for all CAs that are part of the trust
chain. A trust chain is the hierarchy of CAs that have issued certificates from
the device being authenticated, through the intermediate CAs that have issued
certificates to the various CAs, leading back to a root CA, which is a known
trusted CA.
A certificate exchange is between a server and a client, both of which are peers.
When a user is accessing the Polycom HDX web interface , the HDX system is
the server and the web browser is the client application. In other situations,
such as when the HDX system connects to LDAP directory services, the HDX
system is the client and the LDAP directory server is the server.
To configure certificate usage:
Go to Admin Settings > Security > Certificates.
1
Configure these settings on the Certificates screen:
2
Setting
Maximum Peer Certificate
Chain Depth
Always Validate Peer
Certificates from Servers
Always Validate Peer
Certificates from Browsers
Configuring Certificate Revocation Settings
When certificate validation is enabled (refer to
Validation Settings
on page 8-26), the HDX system tries to validate the peer
certificate chain on secure connection attempts for the applicable network
services.
Part of the validation process includes a step called revocation checking. This
type of check involves consulting with the CA that issued the certificate in
question to see whether the certificate is still active or has been revoked for
Description
Specifies how many links a certificate chain
can have. The term peer certificate refers to
any certificate sent by the far-end host to the
HDX system when a network connection is
being established between the two systems.
Controls whether the HDX system requires the
remote server to present a valid certificate
when connecting to it for services such as
those listed for client-type CSRs in
Certificate Signing Requests (CSRs)
page
8-23
(provisioning, directory, SIP, and so
forth).
Controls whether the HDX system requires a
browser to present a valid certificate when it
tries to connect to the web interface.
Configuring Certificate
Generating
on
Polycom, Inc.
Hide quick links:
Advertisement
Table of Contents
