Certificate Validation - Polycom realpresence 1800 Administrator's Manual

The SAN field option - DNS Name (FQDN) is not used for Machine Account validation. For example,
the DMA will not validate the Collaboration Server unless the FQDN field in the User Properties
dialog box is correctly filled in.
 Hash Method - Select the output value for the Secure Hash Algorithm:
- SHA-256 the output value is 256 bits.
- SHA-1 the output value is 160 bits.
For backward compatibility, with previous versions, either SHA-1 or SHA-256 can be selected
as the hash algorithm used in the creation of CSRs (Certificate Signing Requests).
5 Click Send Certificate.
For all certificates, both Management and SIP TLS:
● Once the certificate is sent a message is displayed indicating successful installation of the certificate
and the new certificate replaces the old certificate.
● If the certificate installation fails the old certificate continues to function and a message is displayed
indicating one of the following the reasons for the failure:
 Invalid password.
 Certificate expired.
 Certificate DNS name does not match Collaboration Server (service) DNS name.
 Chain is not trusted
 General - <Error message from the SSL library>.

Certificate Validation

The credentials of each certificate received from a networked peer are verified against a repository of
trusted certificates. Each networked entity contains a repository of trusted certificates. The digital signature
of the certificate's issuing authority is checked along with the certificate's expiration date.
Validation of peer SIP TLS certificates against one or several installed CA certificates can be enabled or
disabled for the Default Management and each defined IP Service by selecting or clearing the Skip
certificate validation check box.
Polycom, Inc.
Ultra Secure Mode
828