1. Manuals
  2. Brands
  3. RADVision Manuals
  4. Gateway
  5. Scopia TIP Gateway
  6. Deployment manual

Planning The Required Certificates For Tls - RADVision Scopia TIP Gateway Deployment Manual

Hide thumbs Also See for Scopia TIP Gateway:
Table of Contents

Advertisement

4.
Perform
Uploading Scopia Management Certificates into Scopia Management
5.
Perform
Uploading Certificates for the TIP Gateway
6.
If the CA used to identify the device is different from the CA which identifies Scopia Management, perform
Uploading Certificates for Other Devices
7.
Perform
Enabling Encryption with Scopia TIP Gateway
8.
Perform
Enabling the TLS Connection in Scopia Management

Planning the Required Certificates for TLS

When a device establishes a secure TLS connection with another component, it sends a signed
certificate verifying its identity. The signature on the certificate must be from a known (trusted)
certification authority (CA).
Important:
Using encryption is subject to local regulation. In some countries it is restricted or limited for usage.
For more information, consult your local reseller.
There are several types of TLS connections:
• Standard TLS, where all certificates are signed by the same CA.
• Unique CAs, where each certificate is signed by a different CA.
• Unknown gateway CA, where the gateway's certificate is signed by an unknown (untrusted) CA.
• Unknown Scopia Management CA, where Scopia Management's certificate is signed by an
unknown (untrusted) CA.
• Mutually unknown CAs, where both components carry certificates signed by CAs that are unknown
to each other.
Each situation requires a different set of certificates to be uploaded to each of the components. Typically,
the certificates are all signed by the same CA. Some unique deployments, such as service provider
deployments, may use multiple CAs.
A CA's signature is always verified by its root certificate, which identifies the CA and is self-signed by
that CA. When a device receives a certificate as part of TLS negotiations, it must verify that the CA
signing the certificate is trusted, so it must have the CA's root certificate uploaded.
• Standard TLS
These connections use the same CA for signing all certificates on both sides. In this case, you
need to upload two certificates to Scopia Management and two for the gateway
34: Standard TLS: Component Certificates and a CA Root Certificate
Deployment Guide for Scopia TIP Gateway Version 8.2
on page 65.
on page 68.
on page 70.
on page 72.
on page 60.
(Figure
on page 53).
Securing Your Video Network Using TLS | 52

Advertisement

Table of Contents
loading

Related Manuals for RADVision Scopia TIP Gateway

Related Content for RADVision Scopia TIP Gateway

Table of Contents