Identity Certificates - Avaya J100 Series Installing And Administering

Third-party call control setup

Hide thumbs Also See for J100 Series:

Installing and administering (528 pages)

Installing (282 pages)

User manual (188 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

page of 191

/ 191
Contents
Table of Contents
Bookmarks

Table of Contents

Phones support three types of certificates:

• Trusted certificates

• Online Certificate Status Protocol (OCSP) trust certificates

• Phone identity certificates

The Trusted and OCSP trust certificates are root or intermediate Certification Authority (CA)

certificates that are installed on the phone through the 46xxsettings.txt file.

Enhancements for installing identity certificates:

• SCEP over HTTPS is supported for enrollment.

• PKCS#12 file format is supported for installation.

To check the number of days remaining for Identity certificate expiry, use the parameter

CERT_WARNING_DAYS . The user is notified through a log message if the log level is

maintained as WARNING with the category CERTMGMT. The logs are maintained and displayed

if SYSLOG is enabled.

MIB object tables and IDs are created for certificates installed on the phone. You can view the

certificate attributes through an SNMP MIB browser.

To implement DES, the phone has 64 Public CA certificates built in. For a list of the certificates,

see Appendix B.

Identity certificates

Identity certificates are the endpoint or Server certificates. To share the identity, a public key is

presented for identification. X509v3 compliant certificates are supported. Secure communications

that use Transport Layer Security (TLS) or certificates for authentication are supported to

participate in a Public Key Infrastructure (PKI). The following mechanisms are supported for

installation:

• Enrolling a certificate : Creates a private key and Certificate Signing Request (CSR). CSR is

sent to the Certificate Authority (CA) using a manual or automatic Simple Certificate

Enrollment Protocol (SCEP) interface. The certificate is validated and accepted when CA

signs the CSR.

• Importing Key and Certificate: Uses an encrypted PKCS #12 file format to import both the

private key and the corresponding certificate.

You can view the following attributes of the certificate using an SNMP MIB browser:

• Serial Number

• Subject Name

• Issuer Name

• Validity Period:notBefore and notAfter dates

• Thumbprint: Hash of the certificate

August 2018

Installing and Administering Avaya J100 series IP Phones in third-party call control

on page 177

setup

Comments on this document? infodev@avaya.com

Certificate management

Table of Contents

Show Quick Links

Quick Links:
Logging in and Logging out of...
Chapter 4: Configuring the Phone Using...

Hide quick links:

Table of Contents

This manual is also suitable for:

J139 J129 J169 J179 Jbm24

Identity Certificates - Avaya J100 Series Installing And Administering

Identity certificates

Hide quick links:

Related Manuals for Avaya J100 Series

Related Content for Avaya J100 Series

This manual is also suitable for:

Table of Contents