Table of Contents
Advertisement
You can load your own certificates and keys to the XT Series using a PKCS#12 file or you can
follow the manual guided procedure to obtain a .csr file and to upload the signed certificate and
Root CA to the XT Series.
1. Perform
Generating a Certificate Signing Request for XT Series
request to the Certificate Authority.
2. Receive back the Root CA and signed certificate and perform
certificate that you receive from the CA
Note:
If you do not upload a valid certificate to sign the recording files, the XT Series uses a self-
signed certificate, if configured. Self-signed certificates do not offer the same level of security
as certificates signed by an official Certificate Authority.
Note:
Ensure that you store your digital signature certificate in a safe place. If you restore your XT
Series to the factory settings, the digital signature certificate is lost. Your digital signature
certificate must be uploaded to the XT Series to verify the integrity of the recorded files using
the XT Series.
Securing Connections to the XT Series Using TLS
You can configure your video network devices, both Avaya Meetings Server and third-party, to
support Transport Layer Security (TLS) for the SIP protocol and for connection to the XT Series
web server when using HTTPS.
Important:
Using encryption is subject to local regulation. In some countries it is restricted or limited for
usage. For more information, consult your local reseller.
TLS enables network devices to communicate securely using certificates, to provide
authentication of the devices and encryption of the communication between them.
To create a TLS or HTTPS web certificate, you need to generate a certificate signing request
(CSR) and send it to the certification authority (CA) for signing. A CA has its own certificate,
known as the CA root certificate. When the CA signed certificate is ready, you upload it into the XT
Series for which it was created, together with the CA root certificate. Once this is done, the
component can authenticate itself and is ready for TLS connection.
Each time a video network device starts the TLS communication session, it sends its own signed
certificate together with the CA root certificate and requests the same certificates from the other
devices to which it wants to connect. After both devices verify each other's identity, a secure TLS
connection can be established. Exchanging certificates between devices is part of the TLS
protocol; it happens in the background and is transparent to a user.
August 2020
Securing Connections to the XT Series Using TLS
on page 243.
Deployment Guide for Avaya XT Series
Comments on this document? infodev@avaya.com
on page 239 and send the
Uploading the CA root
237
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
