• CUST_CERT_ACCEPT — a Security Policy parameter that controls further signing of a
customer root certificate (not the first one). The values are VAL_NO_MANUAL,
VAL_MANUAL_A, and VAL_MANUAL_B. The default value is VAL_MANUAL_A.
• CERT_ADMIN_UI_ENABLE [YES | NO] allows you to access the Certificate Administration
User Interface. The values are YES and NO. The default value is NO.
• SEC_POLICY_ACCEPT allows you to accept security policy. The default value is
VAL_MANUAL_A. Following are the acceptable parameters:
- VAL_MANUAL_A — If the resource file is not signed and if there are no customer
certificates, then Finger Print Display and Accept/Reject options appear .
- VAL_MANUAL_B — If the resource file is not signed and if there are no customer
certificates, enter the Finger Print Value manually and then select Accept option.
• SECURITY_LOG_UI_ENABLE [YES | NO] — allows you to access the Security and Error
Logs User Interface. The values are YES and NO. The default value is No.
• KEY_SIZE — the default key size that is used when generating keys on the IP Deskphone,
and acts at the minimum allowed key size that is enforced when loading certificates from the IP
Deskphone. The values are 1024, 1536, and 2048. The default value is 1024.
• KEY_ALGORITHM — the preferred key generation algorithm. The accepted value is
KEY_ALG_RSA.
• TLS_CIPHER — the preferred TLS Cipher used for HTTPS to configure a stronger cipher
preference when available. The values are RSA_WITH_AES_128_CBC_SHA, and
RSA_WITH_AES_256_CBC_SHA. The default value is RSA_WITH_AES_256_CBC_SHA.
• SIGN_SIP_CONFIG_FILES [YES | NO] — overrides the file signing of files (resource files
such as the device configuration file and the dial plan) other than the Security Policy and
Customer Certificates. The values are YES and NO. The default value is NO.
- YES — Signing is required.
- NO — No authentication check is performed.
• FP_PRESENTED — allows you to accept or reject a Finger Print if the resource file is not
signed and if there are no customer certificates.
• FP_ENTERED — allows you to manually enter and accept a Finger Print value if the resource
file is not signed and if there are no customer certificates.
• SUBJ_ALT_NAME_CHECK_ENABLE [YES | NO] — allows you to verify the Subject
Alternative Attribute in the presented certificate. Only the IPv4 IP address is supported for this
attribute. The values are YES and NO. The default value is NO.
• SECURITY_POLICY_PARAM_CHANGE — allows the IP Deskphone to enter changes that
are made to the security policy file in the security log file.
• CERT_EXPIRE — allows you to select Certificate Expiration Policy. The default value is
LOG_EXPIRE. Following are the acceptable parameter values:
- DELETE_CERT — A certificate is deleted when it expires and a security log entry is added.
Create the device configuration file
March 2015 SIP Software for Avaya 1200 Series IP Deskphones-Administration 85
Comments? infodev@avaya.com
To Next Page
Loading...
