Version 5.8 137 October 2009
SIP User's Manual 3. Web-Based Management
3.4.4.3 Configuring the Certificates
The 'Certificates' page is used for both HTTPS and SIP TLS secure communication:
îš„ Replacing the server certificate (refer to ''Server Certificate Replacement'' on page
137)
îš„ Repl
acing the client certificates (refer to ''Client Certificates'' on page 139)
îš„ Reg
enerating Self-Signed Certificates (refer to ''Self-Signed Certificates'' on page 140)
îš„ Upd
ating the private key (using HTTPSPkeyFileName, as described in the Product
Reference Manual).
3.4.4.3.1 Server Certificate Replacement
The device is supplied with a working Secure Socket Layer (SSL) configuration consisting
of a unique self-signed server certificate. If an organizational Public Key Infrastructure (PKI)
is used, you may wish to replace this certificate with one provided by your security
administrator.
¾ To replace the device's self-signed certificate:
1. Your network administrator should allocate a unique DNS name for the device (e.g.,
dns_name.corp.customer.com). This DNS name is used to access the device and
should therefore, be listed in the server certificate.
2. If the device is operating in HTTPS mode, then set the parameter 'Secured Web
Connection (HTTPS)' to 'HTTP and HTTPS' (0) (refer to ''Configuring the General
Security Settings'' on page 141) to e
nsure you have a method of accessing the device
in case the new certificate doesn’t work. Restore the previous setting after testing the
configuration.
3. Open the ‘Certificates Signing Request' page (Configuration tab > Security Settings
menu > Certificates page item).
Figure 3-133: Certificates Signing Request Page