Simple Certificate Enrollment Protocol - Polycom RealPresence Group Series Administrator's Manual
Hide thumbs
Also See for RealPresence Group Series:
- Reference manual (425 pages) ,
- Administrator's manual (276 pages) ,
- User manual (113 pages)
Table of Contents
Advertisement
Simple Certificate Enrollment Protocol
The Simple Certificate Enrollment Protocol (SCEP) is a service that automatically requests and renews
certificates for large deployments of endpoints and software clients.
The SCEP service triggers when you boot up the system, unplug and replug the LAN, or enable the
service in the web user interface. The system checks the system's certificate data to obtain digital
certificates based on the following criteria:
•
If the certificate doesn't exist, the SCEP service initiates the enrollment process.
•
If the certificate exists, the SCEP service verifies the renewal and expiration dates and does one of
the following:
If the current date is...
Before the renewal date
On or after the renewal date but on or before the
expiration date
After the expiration date
Note: You can configure the renewal date in the SCEP settings.
Note the following information regarding SCEP:
•
When the SCEP installs a new certificate in a system, it ignores the existing manually installed
SCEP certificate.
•
Update the challenge password manually.
•
The SCEP server communicates only through HTTP, and the system only supports one SCEP
server at a time.
•
The maximum key size supported for the RSA key is 2048 bit.
•
You can also configure the SCEP settings on the RealPresence Group Series system through
RealPresence Resource Manager.
Make sure none of the values against each parameter in SCEP settings are empty while
provisioning through RealPresence Resource Manager.
Note: When a RealPresence Touch device is paired with RealPresence Group Series system, you can
view the SCEP settings for RealPresence Group Series system on RealPresence Touch device.
However, you cannot edit them. When the SCEP feature is enabled on a standalone
RealPresence Touch device, you can edit the setings from RealPresence Touch device.
Fore more information on the configuration options, refer to the Polycom RealPresence Resource
Manager System Opertions Guide available at
Polycom, Inc.
The service...
Looks for a time thread and creates one if none exist.
Initiates the renewal process.
Removes the certificate using a system module and
initiates the enrollment process.
Polycom
Support.
Securing the System
113
Advertisement
Chapters
Table of Contents
Troubleshooting
