Table of Contents
Advertisement
Figure 6-2
RADVISION | Deployment Guide for SCOPIA TIP Gateway Version 8.0
On the gateway side, upload the following certificates
–
A certificate identifying the gateway, signed by the same CA. This is sent to SCOPIA
Management as part of the TLS negotiation.
–
A copy of the root certificate verifying the CA's identity, self-signed by the CA. This is
used by the gateway to verify the certificate sent by SCOPIA Management.
•
Unique CAs
When certificates are signed by different CAs, each CA requires its own root certificate to
be uploaded for authentication.
For example, in
Figure 6-2 on page
signed by CA1, while the gateway's certificate is signed by CA2. This requires three
certificates to be uploaded to SCOPIA Management and two for the gateway
page
46).
TLS connection using certificates signed by different CAs
When each certificate is signed by a different CA
following certificates to the SCOPIA Management:
–
A certificate identifying SCOPIA Management, signed by trusted CA1. This is sent to
the gateway as part of the TLS negotiation.
–
A root certificate from the trusted CA1 verifying CA1's identity, self-signed by CA1.
This is used by SCOPIA Management to authenticate its certificate.
–
A root certificate from the trusted CA2 verifying CA2's identity, self-signed by CA2.
This is used by SCOPIA Management to authenticate the certificate sent by the
gateway, which is signed by CA2.
On the gateway side, upload the following certificates
–
A certificate identifying the gateway, signed by trusted CA2. This is sent to SCOPIA
Management as part of the TLS negotiation.
(Figure 6-1 on page
46, the certificate identifying SCOPIA Management is
(Figure 6-2 on page
(Figure 6-2 on page
45):
(Figure 6-2 on
46), upload the
46):
Securing Your Video Network Using TLS | 46
Advertisement
Table of Contents
