Manage TLS certificates
A Public Key Infrastructure (PKI) uses Transport Layer Security (TLS)
certificates to provide server authentication and private communication.
With a PKI, the communication between the mobile clients and the MCG
3100 Server is secure.
Perform the following tasks to configure the PKI:
•
•
•
•
•
•
Enroll with a Certificate Authority
Some CAs, such as VeriSign or Entrust, charge a fee for their services.
Others, such as CACert or RapidSSL, provide free or low-cost solutions.
As an alternative to using a commercial CA, you can build your own. For
example, Microsoft Exchange Server includes tools that enable you to build
a CA server that is exclusive to your organization.
Whether you select a commercial Certificate Authority (CA) or build your
own CA Server, you must provide the following information to enroll:
•
•
•
Nortel strongly recommends that you create an e-mail alias for the certificate
administrator. The CA sends renewal notifications and other important information
to this e-mail address. If the administrative responsibilities are shared, any
administrator can access the notifications.
For additional information about commercial Certificate Authorities, go to
any one of the following company Web sites:
•
•
•
•
Copyright © 2007, Nortel Networks
.
Enroll with a Certificate Authority (CA).
Generate a Certificate Signing Request (CSR).
Obtain a signed TLS certificate.
Obtain the CA root certificate, intermediate certificate, or both as
required by the CA..
Install the root or intermediate (or both as required by the CA) and
signed certificates.
Distribute the CA root certificate.
first and last name of the certificate administrator
e-mail address of the certificate administrator
any other information requested by the CA
VeriSign
Entrust
CACert
RapidSSL
Nortel Mobile Communication 3100 Series Portfolio
Nortel Mobile Communication Gateway 3100 Installation
NN42030-300 01.03 Standard
Release 2.0 30 October 2007
Manage TLS certificates 33
ATTENTION