Appendix - Secure Communication Mode
Polycom, Inc. 335
Certificate Template Requirements
The specific security certificate requirements for Collaboration Servers used in Maximum Security
Environments are:
● Support of 2048-bit encryption keys.
● Support of Extended Key Usage (EKU) for both:
Client Authentication
Server Authentication
The certificate template used by your CA server may need modification to meet the Collaboration Server
requirements.
Certificate Requirements
In Secure Mode, the certificate requirements depend on the Skip certificate validation for user logging
session field.
For certificate requirements in Ultra Secure Mode, see Certificate Requirements.
Configure Certificate Management
Within a PKI environment, certificate revocation policies are used to ensure that certificates are valid.
Certificates can expire or be revoked for various reasons (RFC 5280).
The Collaboration Server enforces these certificate revocation policies through Certificate Revocation Lists
(CRLs). CRLs are required for each CA Chain in use by the Collaboration Server. These CRL files must be
kept current. For more information see Certificate Configuration and Management and Public Key
Infrastructure (PKI).
Switching to Secure Mode
The following operations are required to switch the Collaboration Server to Secure Mode:
● Purchase and Install the SSL/TLS certificate
● Modify the Management Network settings
● Create/Modify the relevant System Flags
Purchasing and Installing a Certificate
Once a certificate is purchased and received it is stored in the Collaboration Server and used for all
subsequent secured connections. For more information see Adding Certificates to the Certificate
Repository.
Note: Certificate Vulnerability due to Restoring Factory Defaults
Certificates are deleted when an administrator performs a Restore Factory Defaults with the
Comprehensive Restore option selected.
For details see Appendix - Restore Defaults from USB.
To Next Page
Loading...
