Manualshelf

System information

ManualsBrandsBoots ManualsGadgetsCS-1000
381382383384385386387388389390
390 Features
For certificate chaining, the TLS server or the digital file signing process
must ensure that all certificates in the chain up to, but not including, the
trust anchor are provided. Otherwise, the certificate chain cannot be
validated by the phone. After one customer root certificate installs on the
phone, all customer configuration files (including additional certificate
files) must be signed or they reject without any user input or options. It is
possible to install more than one customer root certificate on the phone if
more than once Certificate Authority is used.
Use the following procedure to install the first customer certificate on the IP
Phone.
Procedure 107
Installing the first customer cer tificate on the IP Phone
Step Action
1 Export the public CA certificate in Privacy Enhanced Mail (PEM)
format.
The exporting process depends on the management certificate
program (for example, Microsoft CA Server, OpenSSL, EJBCA).
Keep the private key secure and do not install the private key
on the phone.
2 If you store more than one certificate in PEM format in this file,
insert a blank line to separate the certificates. See Figure 75
"Certificate file with more than one certificate" (page 403).
3 Add a section to the configuration file for each IP Phone where
FILENAME is the name of the file created in step 1. For more
information about the configuration file, see “Configuration file”
(page 397) .
4 Use DHCP or manual configuration to properly set the
Provisioning Server address.
5 Reboot the IP Phone.
6 When the phone connects to the provisioning server, the
[USER_KEYS] section is read and the file(s) downloads.
7 Select Install to proceed.
The phone displays the fingerprint of the certificate file.
8 Select Accept to install the certificate on the IP Phone.
For more information about certificate validation options, see
“Validating certificates” (page 391) .
--End--
Nortel Communication Server 1000
IP Phones Fundamentals
NN43001-368 05.02 26 May 2009
Copyright © 2003-2009 Nortel Networks. All Rights Reserved.
.