Certificate Management - Polycom realpresence 1800 Administrator's Manual

Certificate Management

(PKI) Public Key Infrastructure
PKI (Public Key Infrastructure) is a set of tools and policies deployed to enhance the security of data
communications between networking entities.
The implementation of PKI on the Collaboration Server has been enhanced to ensure that all networked
entities are checked for the presence of unique certificates by implementing the following rules and
procedures during the TLS negotiation:
● The Collaboration Server identifies itself with the same certificate when operating as a server and as
a client.
● The Collaboration Server's management applications: Collaboration Server Web Client and RMX
Manager, identify themselves with certificates.
● While establishing the required TLS connection, there is an exchange of certificates between all
entities.
● Entities such as the DMA that function as both client and server within the Management Network
identify themselves with the same certificate for both their client and server functions.
● A single Certificate Repository is maintained for:
 The Management Network Service.
 SIP TLS Personal Certificates for each defined IP Network Service.
 Trusted (Certificate Authority (CA)) certificate for all TLS connections.
 CRL for all TLS connections.
● SIP TLS certificates are validated against the CA.
● SIP TLS certificates are managed using CRL and Online Certificate Status Protocol (OCSP).
 Certificate revocation mode, whether by OCSP or CRL is managed using the i setting of the
Management Network.
 SIP TLS is managed using the General TLS setting.
● The following certificate file formats are supported:
 PEM
 DER
 PKCS#7/P7B
 PKCS#12PFX
Polycom, Inc.
Ultra Secure Mode
821