EasyManua.ls Logo

SpectraLink IP-DECT SERVER 6500 - Configuring Certificates

SpectraLink IP-DECT SERVER 6500
456 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
14215700-IG, Edition 15.0
May 2020, Original document
169
Configuring Certificates
To fully secure the communication between the Spectralink IP-DECT/Virtual IP-DECT Server and
other entities, a host key, a host certificate and a certificate authority (CA) certificate list must be
present in the Spectralink IP-DECT/Virtual IP-DECT Server.
The CA certificate list is used when utilizing these features:
l TLS as SIP transport
l Provisioning over HTTPS
l Secure LDAP (LDAPS) phone book
l PIN authentication with Lync/Skype for Business
A host key and certificate is required when utilizing these features:
l Authenticated HTTPS access to the web based Administration Page
l Trusted server integration with Lync/Skype for Business
l TLS as SIP transport with Cisco Unified CM
l Client authentication with provisioning over HTTPS
The Spectralink IP-DECT/Virtual IP-DECT Server is delivered with a CA certificate bundle with com-
mon public CA certificate. This means, that the Spectralink IP-DECT/Virtual IP-DECT Server will
accept certificates, for example, issued by Verisign out-of-the-box.
In addition to the CA bundle, the web based Administration Page allows installation of a local CA cer-
tificate bundle. If the certificate is generated by a local authority (such as a service provider or the
local IT department), you can import a certificate bundle in PEM-format (also known as base 64).
Furthermore, the Spectralink IP-DECT/Virtual IP-DECT Server supports installing a host certificate
that authenticates the identity of the Spectralink IP-DECT/Virtual IP-DECT Server, e.g. when a
browser accesses the web based Administration Page.
Note:
l If no host certificate is installed on a Spectralink IP-DECT Server 200/400/6500, it
will fall back to using the built-in device certificate signed by Spectralink.
l If no host certificate is installed on a Spectralink Virtual IP-DECT Server One, it will
automatically generate a self-signed certificate.
The Spectralink IP-DECT/Virtual IP-DECT Server supports three types of host keys and cer-
tificates:
l Locally generated key and self-signed certificate (not recommended)
l Locally generated key and certificate request signed by a CA
l Externally generated key and certificate
Spectralink IP-DECT Server 200/400/6500 and Virtual IP-DECT Server One Installation and Configuration Guide

Table of Contents

Other manuals for SpectraLink IP-DECT SERVER 6500

Preview: Manual
Manual29 pages
Preview: Deployment Guide
Deployment Guide32 pages
Preview: Synchronization And Deployment Guide
Synchronization And Deployment Guide36 pages
Preview: Specifications
Specifications2 pages
Preview: Interoperability Guide
Interoperability Guide31 pages

Related product manuals