Administrator‘s Guide for Yealink Video Conferencing Systems
136
certificates, refer to Appendix B: Trusted Certificates on page 167.
Server Certificate: When clients request a TLS connection with the system, the
system sends the server certificate to the clients for authentication. The system has
two types of built-in server certificates: a unique server certificate and a generic
server certificate. You can only upload one server certificate to the system. The old
server certificate will be overridden by the new one. The format of the server
certificate files must be *.pem and *.cer.
- A unique server certificate: It is installed by default and is unique to a system
(based on the MAC address) and issued by the Yealink Certificate Authority
(CA).
- A generic server certificate: It is installed by default and is issued by the
Yealink Certificate Authority (CA). Only if no unique certificate exists, the
system may send a generic certificate for authentication.
The system can authenticate the server certificate based on the trusted certificates list.
The trusted certificates list and the server certificates list contain the default and custom
certificates. You can specify the type of certificates the system accepts: default
certificates, custom certificates, or all certificates.
Common Name Validation feature enables the system to mandatorily validate the
common name of the certificate sent by the connecting server. And Security verification
rules are compliant with RFC 2818.
TLS parameters on the system are described below:
Configures the type of transport
protocol for the SIP account.
UDP—provides best-effort
transport via UDP for the SIP
signaling.
TCP—provides reliable
transport via TCP for SIP
signaling.
TLS—provides secure
communication for SIP
signaling.
TLS is available only when the
system is registered with a SIP
server that supports TLS.
To Next Page
Loading...
Need help?
General
