Generating a Certificate Signing Request for XT Series
About this task
This section explains how to generate and upload the TLS or HTTPS web certificate for Avaya
Scopia
®
XT Series that is used for encrypting communications with other video network devices.
Important:
Using encryption is subject to local regulation. In some countries it is restricted or limited for
usage. For more information, consult your local reseller.
To create a TLS or HTTPS web certificate, you need to generate a certificate signing request (CSR)
and send it to the certification authority (CA) for signing. A CA has its own certificate, known as the
CA root certificate. When the CA signed certificate is ready, you upload it into the XT Series for
which it was created, together with the CA root certificate. Once this is done, the component can
authenticate itself and is ready for TLS connection.
You can also determine the level of security of the CSRs you generate. You can create encryption
keys of 1024 bit length, or highly secure (longer) keys containing 2048 bits. You can use an
encrypted PKCS #12 file format to import/export both the private key and the corresponding
certificate into the XT Codec Unit from the XT Series web interface. Unlike .pem files, the PKCS #12
file format is fully encrypted and contains both public and private certificate pairs. It can also contain
the certificate of the signing trusted authority. You can also protect the file using a password.
Before you begin
To generate a certificate signing request, you can use the system IP address or DNS name. If you
use an IP address, please assure that it is a static IP address, since the system generates the
certificate request using its IP address as the Common Name (CN). For more information, see
Configuring Advanced IP Address Settings on page 133. If you modify the XT Series's IP address,
you must generate a new CSR.
Procedure
1. (Optional) To generate the highest security CSRs, access the certificate preferences. From
the XT Series web interface, select Administrator Settings > Utilities > Certificates >
General. From the endpoint's main menu, select Configure > Advanced > Utilities >
Certificates > General.
Securing Connections to the XT Series Using TLS
January 2017 Avaya Scopia
®
XT Series Deployment Guide 205
Comments on this document? infodev@avaya.com
To Next Page
Loading...
