Polycom 3725-76302-001LI Certificate Settings

DMA OperationsGuide Certificate Settings

38 Polycom, Inc.

Q. Is it secure to send my certificate request through email?

A. Yes. The certificate request, signed certificate, intermediate certificates,

and authority certificates that are sent through email don’t contain any

secret information. There is no security risk in letting untrusted third

parties see their contents.

As a precaution, you can verify the certificate fingerprints (which can be

found in the Certificate Details popup) with the certificate authority via

telephone. This ensures that a malicious third party didn’t substitute a

fake email message with fake certificates.

Q. Why doesn’t the information on the Certificate Details popup match

the information that I filled out in the signing request form?

A. Commercial certificate authorities routinely replace the organizational

information in the certificate with their own slightly different description

of your organization.

Q. I re-installed the Polycom DMA system software. Why can’t I re-install

my signed public certificate?

A. X.509 certificates use public/private key pair technology. The public

key is contained in your public certificate and is provided to any web

browser that asks for it. The private key never leaves the Polycom DMA

system.

As part of software installation, the Polycom DMA system generates a

new public/private key pair. The public key from your old key pair can’t

be used with the new private key.

To re-use your signed public certificate, try restoring from backup. Both

the public and private keys are saved as part of a backup file.

Alternatively, if the certificate you want to reinstall is a PKCS#12

certificate, it contains a private key and will replace both the public key

and the private key generated at installation time.