SECURITY AND PROTECTION
<cert_hash algo="SHA256">ca059972d02b2853a92704a7a7640f3f</
cert_hash>
<privkey_uri>8021x_priv.key</privkey_uri>
<privkey_hash algo="SHA256">f4728d6356204c6fcce91989ef733553</
privkey_hash>
</ether_8021x>
<provisioning>
<ca_uri>prov_ca.crt</ca_uri>
<ca_hash algo="SHA256">e5116932d3685ea18ead10a55b825145</
ca_hash>
</provisioning>
</certificates>
With Allow Legacy Encryption enabled, the certificate configuration file can
contain MD5 and SHA256. If you disable Allow Legacy Encryption, then only
the SHA256 hash algorithm is supported.
Related concepts
Legacy encryption mode
Certificates application
Use certificates to authenticate Konftel 800 using TLS. You can apply certificates
manually when configuring the advanced settings of your phone, or the phone can
automatically download the certificates from the provisioning server if you enabled
Device Management.
The application of a certificate involves the following:
•
Download of the root certificate from the Certificate Server
•
Creation of the server certificate from the Certificate Server
•
Generation of the private key
•
Conversion of the certificates and the private key to .PEM format
•
Import of the .PEM files to the phone
Related concepts
Certificates
on page 142
Downloading the root certificate
About this task
The administrator must obtain a root certificate from a Certificate Authority (CA).
This CA certificate has the key size of 2048, is in PKCS10 format and is generated
using SHA-1 hash algorithm.
on page 154
147