Polycom HDX 4000 Series Administrator's Manual page 211
Hide thumbs
Also See for HDX 4000 Series:
- Quick start manual (2 pages) ,
- User manual (49 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Administrator's Guide for Polycom HDX Systems
8–28
Artisan Technology Group - Quality Instrumentation ... Guaranteed | (888) 88-SOURCE | www.artisantg.com
If the Always Validate Peer Certificates from Browsers setting is enabled and
the expired CRL is for a CA that is part of the trust chain for the client certificate
sent by your browser, you will no longer be able to connect to the HDX web
interface because the revocation check will always fail. In this case, unless the HDX
web interface can be accessed by a user whose client certificate's trust chain does
not include the CA whose CRL is expired, you must delete all certificates and CRLS
from the system and then reinstall them. See the
page
8-31
for more information.
To use OCSP:
Go to Admin Settings > Security > Revocation.
1
Configure these settings on the Revocation page.
2
Setting
Revocation Method
Allow Incomplete
Revocation Checks
Deleting Certificates and CRLs
Description
Select the OSCP method.
When this field is enabled, the HDX system treats
the following response from the OCSP responder
as a successful revocation check that would
otherwise be considered a failed check:
•
If the OCSP responder responds that the
status is unknown or if no response is received,
the system treats this as a successful
revocation check.
Regardless of the state of this setting, the following
statements apply:
•
If the OCSP responder indicates a known
revoked status, the HDX system treats this as
a revocation check failure and does not allow
the connection.
•
If the OCSP responder indicates a known good
status, the HDX system treats this as a
successful revocation check and allows the
connection.
on
Polycom, Inc.
Hide quick links:
Advertisement
Table of Contents
