Configure Ldap Over Tls; Https Provisioning - Cisco 8800 Series Manual

Configure LDAP over TLS

Step 3
Click Submit All Changes.
Configure LDAP over TLS
You can configure LDAP over TLS (LDAPS) to enable secure data transmission between the server and a
specific phone.
Attention
Cisco recommends leaving the authentication method to the default value of None. Next to the server field
is an authentication field that uses the values None, Simple, or DIGEST-MD5. There is no TLS value for
authentication. The software determines the authentication method from the LDAPS protocol in the server
string.
You can also configure the parameters in the phone configuration file with XML(cfg.xml) code.
Before you begin
Access the phone administration web page. See
Procedure
Step 1
Select Voice > Phone.
Step 2 In the LDAP section, enter a server address in the Server field.
You can also configure this parameter in the phone configuration XML file (cfg.xml) by entering a string in
this format:
<LDAP_Server ua="na">ldaps://10.45.76.79</LDAP_Server>
For example, enter
where:
• ldaps://= The start of the server address string.
• ldaps_server = IP address or domain name
• port = Port number. Default: 636
Step 3 Click Submit All Changes.

HTTPS Provisioning

The phone supports HTTPS for provisioning for increased security in managing remotely deployed units.
Each phone carries a unique SLL Client Certificate (and associated private key), in addition to a Sipura CA
server root certificate. The latter allows the phone to recognize authorized provisioning servers, and reject
Cisco IP Phone 8800 Series Multiplatform Phone Administration Guide for Release 11.3(1) and Later
122
ldaps://<ldaps_server>[:port]
Access the Phone Web Interface, on page
.
Cisco IP Phone Configuration
104.