User's Manual
Chapter 15: Certificate-based authentication
Certificate-based authentication
Certificate-based authentication allows the administrator to ensure that the IP Deskphone is
authorized to access the enterprise LAN environment and to connect securely to SIP proxy
and provisioning servers.
Certificates bind an identity to a pair of electronic keys that are used to encrypt and sign digital
information, and make it possible to verify someone’s claim that they have the right to use a
given key. Certificates provide a complete security solution, assuring the identity of all parties
involved in a transaction. Certificates are issued by a Certification Authority (CA) and are
signed with the CA’s private key.
A certificate contains the following information:
• Owner’s public key
• Owner’s name
• Expiration date of the public key
• Name of the issuer (the CA that issued the certificate)
• Serial number of the certificate
• Digital signature of the issuer
A Certificate Authority issues certificates to users and devices, such as IP Deskphones. A CA
is a trusted third party. The certificate issued by a CA contains a variety of data. This data
includes the identity of the issuing CA, Certificate Usage, and expiry date for the certificate.
Certificate-based authentication is provided on the IP Deskphone by installing trusted root
certificates, device certificates, and Certificate Trust Lists (CTL). Device Certificates are
installed by importing a password-protected PKCS#12 device certificate file. A PKCS#12
device certificate file contains both the private key and the public key of the certificate.
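The following is an added example, not taken from the manual or from Avaya software: a pre-import check, using the OpenSSL command-line tool, that a PKCS#12 device bundle opens with its password, holds a private key matching its certificate, verifies against a root CA and has not expired. It assumes OpenSSL is installed and that the root CA is available as a PEM file; the function names, subjects, serial number and password are constructed sample values.

```shell
#!/bin/sh
# Added example. Subjects, serial number and password are constructed values.

# make_sample DIR: build a throwaway root CA and a PKCS#12 device bundle.
make_sample() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Sample Root CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=sample-deskphone" \
        -keyout "$d/dev.key" -out "$d/dev.csr" 2>/dev/null &&
    openssl x509 -req -in "$d/dev.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -set_serial 1001 -days 30 -out "$d/dev.pem" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$d/dev.key" -in "$d/dev.pem" \
        -passout pass:sample-pass -out "$d/dev.p12"
}

# check_p12 FILE PASSIN ROOT_CA_PEM
# PASSIN is an OpenSSL password source: pass:..., env:VAR or file:PATH
# (env: and file: keep the password out of the process list).
# Returns 0 and prints the certificate fields when every check passes:
#   1 = cannot open bundle (wrong password or corrupt file)
#   2 = certificate or private key missing
#   3 = private key does not match the certificate's public key
#   4 = certificate does not verify against the given root CA
#   5 = certificate has expired
check_p12() {
    cert=$(openssl pkcs12 -in "$1" -passin "$2" -nokeys -clcerts 2>/dev/null) || return 1
    key=$(openssl pkcs12 -in "$1" -passin "$2" -nocerts -nodes 2>/dev/null) || return 1
    [ -n "$cert" ] && [ -n "$key" ] || return 2
    cert_pub=$(printf '%s\n' "$cert" | openssl x509 -noout -pubkey 2>/dev/null)
    key_pub=$(printf '%s\n' "$key" | openssl pkey -pubout 2>/dev/null)
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ] || return 3
    printf '%s\n' "$cert" | openssl verify -CAfile "$3" 2>/dev/null |
        grep -q ': OK$' || return 4
    printf '%s\n' "$cert" | openssl x509 -noout -checkend 0 >/dev/null || return 5
    # Owner, issuer, serial number and expiry date, as listed in the manual.
    printf '%s\n' "$cert" | openssl x509 -noout -subject -issuer -serial -enddate
}

# Usage: sh check_p12.sh device.p12 env:P12_PASS root-ca.pem
if [ "$#" -eq 3 ]; then check_p12 "$@"; fi
```

The decrypted private key is held only in a shell variable for the comparison and is never written to disk.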
A CTL is a predefined list of trusted server certificates that the IP Deskphone treats as trusted
endpoints. It is used as a mechanism to allow connections to trusted servers only.
IP Deskphones enable the administrator to manage (view and delete) trusted certificates,
device certificates, and CTLs through the user interface. Events are logged to Security Logs to
SIP Software for Avaya 1100 Series IP Deskphones-Administration November 2012 251