Polycom G7500 Reference Manual page 70
Configuration parameters
Hide thumbs
Also See for G7500:
- Administrator's manual (123 pages) ,
- User manual (42 pages) ,
- Release notes (14 pages)
Table of Contents
Advertisement
OCSP method: When you enable this parameter, your system considers a revocation check
successful if there is no response or the OCSP responder indicates a certificate's status is
unknown. Regardless of how you configure this paramter, the following statements apply:
If the OCSP responder indicates a known revoked status, your system treats it as a revocation
check failure and doesn't allow the connection. If the OCSP responder indicates a known good
status, your system treats it as a successful revocation check and allows the connection
0 (default)
1
sec.TLS.revocation.ocsp.enable
Specifies the certificate revocation method you want to use.
0 (default) - Set to use the CRL method of revocation.
1 - Set to use the OCSP method of revocation.
sec.TLS.revocation.ocsp.responderAddress
Specifies the URI of the OCSP responder (e.g., http://responder.example.com/ocsp). The
responder is used when sec.TLS.revocation.ocsp.useResponderInCert is disabled and
sometimes even when it's enabled. Polycom recommends you always include a URI in this field
regardless of how sec.TLS.revocation.ocsp.useResponderInCert is configured.
To use this parameter, make sure to set sec.TLS.revocation.ocsp.enable="1".
String
sec.TLS.revocation.ocsp.useResponderInCert
Some certificates include the OCSP responder address. When this parameter is enabled, your
system attempts to use this address (when present) instead of the global responder address
you specified in sec.TLS.revocation.ocsp.responderAddress.
To use this parameter, make sure to set sec.TLS.revocation.ocsp.enable="1".
0 (default)
1
Note:
Only HTTP URLs in a certificate's AIA field are supported.
sec.ssh.enable
Specifies if you can access the command-line API using SSH (port 22).
To access the API, you still must set sec.telnet.enable="1".
1
0 (default)
sec.auth.external.AD.adminGroup
Specifies the Active Directory group whose members should have administrator access to the
system. This name must exactly match the name in the AD server for successful authentication.
String (0-512)
sec.auth.external.AD.enable
Specifies whether to authenticate users with Active Directory server. When AD authentication is
enabled, users can log in to the system with their network credentials using this format: domain
\user. With this format, users can have accounts on multiple domains.
Polycom, Inc.
Security Parameters
68
Hide quick links:
Advertisement
Table of Contents
