Secure installation configuration
For secure installation, configure the following parameters.
Parameter Set to Notes
TRUSTCERTS Provides the file names of certificates to be used for authentication. It
supports both root and intermediate certificates and can contain up to
six certificate files.
TLSSRVRID 1 Certificates installed on the servers must have the common name
that matches the device configuration.
AUTH 1 Ensures usage of HTTPS file servers for configuration and software
files download. Once AUTH is set to 1 and the device downloads the
trusted certificates, the device can only download files from HTTPS
server with certificates that can be validated using trusted certificate
repository.
FILE_SERVER_URL Assign HTTPS or TLSRVR file servers.
SSH_ALLOWED 0 To keep SSH disabled.
SCEP parameters
Configure the following Simple Certificate Enrollment Protocol (SCEP) parameters.
Parameter
Type Default
value
Description
MYCERTURL String Null Specifies the URL to access Simple Certificate Enrollment
Protocol (SCEP) server. The device attempts to contact
the server only if this parameter is set to other than its
default value.
MYCERTCN String $SERIA
LNO
Specifies the Common name (CN) for SUBJECT in SCEP
certificate request. The values can either be $SERIALNO
or $MACADDR.
If the value includes the string "$SERIALNO”, that string
will be replaced by the phones serial number.
If the value includes the string "$MACADDR", that string
will be replaced by the phones MAC address.
MYCERTDN String Null Specifies common part of SUBJECT in SCEP certificate
request. This value defines the part of SUBJECT in a
certificate request including Organizational Unit,
Organization, Location, State, and Country that is common
for requests from different devices.
MYCERTKEYLEN Numeric 1024 Specifies the private key length in bits to be created in the
device for a certificate enrollment. The range is from 1024
to 2048.
MYCERTRENEW Numeric 90 Specifies the percentage used to calculate the renewal
time interval out of the device certificate’s Validity Object.
Table continues…
Secure installation configuration
August 2015 Administering Avaya 9601/9608/9611G/9621G/9641G/9641GS IP Deskphones SIP 73
Comments on this document? infodev@avaya.com
To Next Page
Loading...
