Polycom® RealPresence Collaboration ServerVirtual Edition Administrator’s Guide
F-2 Polycom, Inc.
•Support of Extended Key Usage (EKU) for both:
Client Authentication
Server Authentication
The certificate template used by your CA server may need modification to meet the
Collaboration Server requirements.

Certificate Requirements for Polycom Devices

Each Polycom device must have security certificates for the entire Chain Of Trust.
The Collaboration Server must have:
The public certificate of each server in the CA Chain or hierarchy that issued its
certificate.
For example: RootCA IntermediateCA SubCA
The public certificates of the chain that issued the administrator’s identity certificate. For
example: UserRootCA UserIntermediateCA UserSubCA

Configure Certificate Management

Within a PKI environment, certificate revocation policies are used to ensure that certificates
are valid. Certificates can expire or be revoked for various reasons (RFC 5280).
The Collaboration Server enforces these certificate revocation policies through Certificate
Revocation Lists (CRLs). CRLs are required for each CA Chain in use by the Collaboration
Server. These CRL files must be kept current

Switching to Secure Mode

The following operations are required to switch the Collaboration Server to Secure Mode:
Purchase and Install the SSL/TLS certificate
Modify the Management Network settings
Create/Modify the relevant System Flags

Purchasing a Certificate

Once a certificate is purchased and received it is stored in the Collaboration Server and used
for all subsequent secured connections.
To create/purchase a certificate:
1In the Collaboration Server menu, click Setup > RMX Secured Communication >
Create certificate request.