Ultra Secure Mode

 

 

 

 

 

Version Change - Password and Certificate Compatibility

 

 

 

 

 

 

 

 

Version

Behavior

 

 

 

Change

Passwords

Certificates

 

 

 

 

 

 

 

 

 

 

Upgrade

On user login:

The new version accepts certificates

 

from old version

All new-userpasswords are hashed and

issued with SHA-1 hashing.

 

to new version

saved using SHA-256.

 

 

• Existing user passwords remain saved using the SHA-1 signature, however:

On first login after the upgrade the SHA-1 hashed password is automatically replaced with SHA-256 hashed password.

Note: After an upgrade to version 8.1.4.J there will be still passwords saved with the SHA-1 signature.

In order not to rely on automatic password signature conversion and replacement, and to ensure that the system only has SHA-256 hashed passwords saved, the administrator should:

Either:

Ensure that all the users login to the system at least once to ensure automatic replacement of SHA-1 hashed passwords with SHA-256 hashed passwords.

Or:

Delete and recreate all users.

Downgrade Before the downgrade procedure begins, the

from new administrator receives a popup warning message

version to old Passwords will change to factory

version default would you like to proceed?

All users and SHA-256 hashed passwords are deleted.

The administrator’s User Name and Password reverts to the Factory Default: POLYCOM /

POLYCOM.

The old version accepts certificates issued with SHA-1hashing.

For certificates issued with SHA-256 hashing:

The administrator receives a popup warning message TLS certificate will be deleted and the system will switch to non-secured connection, would you like to proceed?

For each certificate that is hashed with SHA-256:

RMX Web Client / RMX Manager connections to the RMX are switched to non-secured mode.

LDAP services are changed from 636 to port 389.

SIP TLS sessions are changed to

SIP UDP.

The certificate is deleted.

Polycom®, Inc.

873

Page 904
Image 904
Polycom 1500/1800/2000/4000 manual Polycom, Sip Udp