TLS Certificates - Avaya IPBS1 Installation And Operation Manual

IP-DECT base station and IP-DECT gateway

TLS Certificates

Security in Web-based applications relies on cryptography. Cryptographic systems are only as secure as their keys. This makes key management a critical and often neglected concern. TLS certificates have emerged as a clever way of managing large-scale key distribution.

Two certificate management tasks are needed for TLS:
1. Trust relationships, so that the device knows which third parties (e.g. IP-PBX) it shall trust, see 1. Trust Relationships.
2. Device certificates to authenticate the device against third parties, see 2. Certificate Handling Options with Device Certificates.

1. Trust Relationships
Trust relationships are defined by a trust list in the device. The list contains the certificates to be
accepted by the device for TLS secured connections (e.g. HTTPS, SIPS).
For more information see Trust List on page 84.

2. Certificate Handling Options with Device Certificates
There are three certificate handling options:
• Default Device certificate
  The default certificate is supplied with the device. It is a self-signed certificate. Self-signed certificates provide only encryption, not authentication.
  For more information see Default Device Certificate on page 86.
• Self-signed certificates
  This option is for customers not planning on having their certificates signed by public or private CAs. Self-signed certificates provide encryption but in most cases do not provide authentication.
  For more information see Self-signed Certificates on page 87.
• Certificates signed by a Certificate Authority (CA)
  Two options are possible:
  A) Certificates signed by the customer's own CA. Customers possessing the knowledge and infrastructure to house their own CA could build an internal enterprise CA, enabling them to sign (approve) their own certificate requests. This would make the customer a private CA.
  B) Certificates signed by a trusted public third party entity/organization. There are only about a dozen issuers who have the authority to sign certificates for servers worldwide. An example is VeriSign. To use a public CA for certificate approvals the IP-DECT system would in most cases need to be connected to the Internet and hold a

Avaya 374x DECT Telephones - User Guide
IP Security
33
02/2016
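
How a trust list treats the certificate options above can be checked offline. The following is an added example, not code from this manual or from Avaya: it uses Go's standard crypto/x509 verifier as a stand-in for the device's TLS stack (an assumption, since the manual does not describe the device's validation logic), and the host names are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue creates a certificate for host; a nil parent makes it self-signed.
func issue(host string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), BasicConstraintsValid: true, IsCA: isCA,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// accepted reports whether peer verifies against the trust list (empty list = trust nobody).
func accepted(peer *x509.Certificate, trustList ...*x509.Certificate) bool {
	pool := x509.NewCertPool()
	for _, c := range trustList {
		pool.AddCert(c)
	}
	_, err := peer.Verify(x509.VerifyOptions{Roots: pool, DNSName: peer.DNSNames[0]})
	return err == nil
}

func main() {
	dev, _ := issue("ipbs.example.test", false, nil, nil)     // self-signed device certificate (constructed name)
	other, _ := issue("ipbs.example.test", false, nil, nil)   // same name, different key
	ca, caKey := issue("ca.example.test", true, nil, nil)     // private CA
	signed, _ := issue("ipbs.example.test", false, ca, caKey) // device certificate signed by that CA
	fmt.Println(accepted(dev), accepted(dev, dev), accepted(other, dev), accepted(signed, ca)) // false true false true
}
```

The third result shows why a self-signed certificate authenticates the device only when that exact certificate is on the peer's trust list, whereas a CA-signed certificate needs only the CA on the list.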

This manual is also suitable for: IPBS2, IPBL
