User`s guide

ManualsBrandsReal Tone Technologies ManualsComputer equipmentRS530

201

202

203

204

205

206

207

208

209

210

Administrator’s Guide for Polycom HDX Systems

8–28 Polycom, Inc.

If the HDX system generates a certificate, the certificate is authorized

externally after the CA signs it. Certificates can be automatically validated

when you use them to establish an authenticated network connection.

Therefore, even if a certificate is authorized, it is not considered to be valid

until you use it.

A certificate exchange is between a server and a client, both of which are peers.

When you are using an HDX system, the HDX system is a web server and the

web browser is the client application. In other situations, such as when the

HDX system needs access to LDAP directory services or provisioning, the

system is the client that communicates with the LDAP or provisioning server.

You must restart the HDX system for certificate and revocation changes to take

effect.

To configure certificate usage using the Polycom HDX web interface:

1 Go to Admin Settings > General Settings > Security > Certificates.

2 Configure the following settings on the Certificates screen:

To add a certificate on the Certificates screen:

1 Click Browse to search for and select a certificate.

2 Click Add.

The system checks the certificate data and adds it to the list. If you don't

see the certificate in the list, the system was unable to recognize the

certificate. This process is sometimes referred to as installing a certificate.

Setting Description

Maximum Peer Certificate

Chain Depth

Specifies how many links a certificate chain

can have. The term peer certificate refers to

any certificate sent by the far-end host to the

HDX system when a network connection is

being established between the two systems.

Always Validate Peer

Certificates from Servers

Enables certificate validation by specifying

whether the HDX system requires the server

to present a valid certificate when the server

makes secure connections for services such

as provisioning, directory search, and session

initiation protocol (SIP) calling. For some

security profiles, this setting is always

enabled.

Always Validate Peer

Certificates from Browsers

Enables certificate validation by specifying

whether the HDX system requires a browser

to present a valid certificate when it tries to

connect to the HDX web interface. For some

security profiles, this setting is always

enabled.