Certificates And Security Profiles Within A Provisioned System - Polycom RealPresence Group 550 Administrator's Manual
Realpresence group series video conferencing system
Hide thumbs
Also See for RealPresence Group 550:
- Setup manual (2 pages) ,
- System setup sheet (2 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Administrator's Guide for the Polycom RealPresence Group Series
2 Configure these settings on the Revocation page and click Save.
Setting
Revocation Method
Allow Incomplete
Revocation Checks
Global Responder Address
Use Responder Specified
in Certificate
If you use OCSP, you might need to install one or more additional CA certificates on the
RealPresence Group system, for validation of the OCSP response messages.
Certificates and Security Profiles within a Provisioned System
When your RealPresence Group system is provisioned through the RealPresence Resource Manager
system and you use PKI certificates, consider the following information. Be sure to enable provisioning after
you follow the procedures applicable to each Security Profile type.
● To use the Maximum Security Profile with provisioning:
The RealPresence Resource Manager system must be using Maximum Security Mode.
You must manually assign the Maximum Security Profile to the RealPresence Group endpoint
during installation using the setup wizard, or afterwards using the web interface.
You must use full PKI and observe the following procedures before you enable provisioning on
the RealPresence Group endpoint:
Polycom, Inc.
Description
Select the OSCP method.
When this field is enabled, the RealPresence Group system treats the following
response from the OCSP responder as a successful revocation checks that would
otherwise be considered a failed check:
•
If the OCSP responder responds that the status is unknown or if no response is
received, the system treats this as a successful revocation check.
Regardless of the state of this setting, the following statements apply:
•
If the OCSP responder indicates a known revoked status, the RealPresence
Group system treats this as a revocation check failure and does not allow the
connection.
•
If the OCSP responder indicates a known good status, the RealPresence Group
system treats this as a successful revocation check and allows the connection.
Specifies the URI of the responder that services OCSP requests (for example,
http://responder.example.com/ocsp). This responder is used for all
OCSP validation when Use Responder Specified in Certificate is disabled, and
is sometimes used even when Use Responder Specified in Certificate is
enabled. Polycom therefore recommends that you always enter a Global
Responder Address regardless of the value chosen for the Use Responder
Specified in Certificate setting.
In some cases, the certificate itself includes the responder address. When this field
is enabled, the RealPresence Group system attempts to use the address in the
certificate (when present) instead of the Global Responder Address specified in
the previous field.
Note: The Polycom RealPresence Group system supports only the use of HTTP
URLs in the AIA field of a certificate when Use Responder Specified in
Certificate is enabled.
Security
123
Hide quick links:
Advertisement
Table of Contents
