Certificate Revocation - Polycom Collaboration Server (RMX) 1500 Deployment Manual

Collaboration server deployment guide for maximum security environments

Hide thumbs Also See for Collaboration Server (RMX) 1500:

Getting started manual (160 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

Table of Contents

Certificate Revocation

Certificate Revocation of IP Network and peer SIP TLS certificates for each defined IP Service

can be enabled, disabled and configured. OCSP and CRL are the two Certificate Revocation

methods available.

OSCP is the preferred method.

10 In the Global Responder URL field, type the URL of the Global Responder to be used.

11 Clear the Use Responder Specified in Certificate check box.

12 Select the Allow Incomplete Revocation Checks check box.

System Flag:

Should intermittent login problems occur when logging in to the RMX's Management

Network, the OCSP_RESPONDER_TIMEOUT System Flag can be manually added to

system.cfg and its value set to the number of seconds the RMX is to wait for an OCSP

response from the OCSP Responder before failing the connection.

Default: 3 (seconds)

Range: 1-20 (seconds)

Polycom, Inc.

In the Revocation Method drop down menu select OCSP.

OSCP is the preferred method, and when selected, additional configuration options are

displayed.

The format of the URL is validated and must be of the format:

http(s)://responder.example.com/ocsp.

If the Global Responder URL does not respond an Active Alarm is raised.

Optional. If it is required that the Responder URL is taken from the Authority Information

Access (AIA) element of the Certificate, select the Use Responder Specified in Certificate

check box. If the certificate does not contain a Responder URL, the Global Responder URL

will be used.

If the check box is checked and the Global Responder or the Responder Specified in the

Certificate does not respond for any reason the certificate is not considered revoked.

If the Allow Incomplete Revocation Checks check box is and left unchecked and the Global

Responder or the Responder Specified in the Certificate do not respond correctly, the

certificate is considered revoked and system lock-out is possible.

It is therefore important that the user pings the Global Responder or the Responder

Specified in the Certificate to verify correct operation.

Chapter 1-First Time Installation and Configuration

Additional configuration options for OCSP

The URL can be either http or https.

1-53

Table of Contents

Need help?

Do you have a question about the Collaboration Server (RMX) 1500 and is the answer not in the manual?

Questions and answers

This manual is also suitable for:

Collaboration server (rmx)2000 Realpresence rmx 4000 Realpresence rmx 1500 Realpresence rmx 2000

Certificate Revocation - Polycom Collaboration Server (RMX) 1500 Deployment Manual

Certificate Revocation

Need help?

Questions and answers

Related Manuals for Polycom Collaboration Server (RMX) 1500

Related Content for Polycom Collaboration Server (RMX) 1500

This manual is also suitable for:

Table of Contents