System Security

See also:

Security Certificates Overview on page 39

Certificate Settings on page 43

Certificate Procedures

Certificate procedures include the following:

Install your chosen certificate authority’s public certificate, if necessary, so that the Polycom RealPresence DMA system trusts that certificate authority.

Create a certificate signing request to submit to the certificate authority.

Install a public certificate signed by your certificate authority that identifies the Polycom RealPresence DMA system.

Remove a signed certificate or a certificate authority’s certificate.

Note: Obtaining Certificates for Microsoft Environments

If you’re configuring the Polycom RealPresence DMA system to support Polycom’s solution for the Microsoft OCS or Lync environment, you can use Microsoft’s Certificate Wizard to request and obtain a PFX file (a password-protected PKCS12 file containing a private key and public key for the system, and the CA’s certificate).

Once you have the PFX file, you’re ready to install it.

See Polycom’s solution deployment guide for information about using the Certificate Wizard and other steps needed to implement the solution.

Install a Certificate Authority’s Certificate

This procedure is not necessary if you obtain a certificate chain that includes a signed certificate for the Polycom RealPresence DMA system, your certificate authority’s public certificate, and any intermediate certificates.

Use this procedure to add a trusted certificate authority, either an in-house or commercial CA.

Caution: Installing or Removing Certificates Requires a Restart

Installing or removing certificates requires a system restart and terminates all active conferences.

When you install or remove a certificate, the change is made to the certificate store immediately, but the system can’t implement the change until it restarts and reads the changed certificate store.

For your convenience, you’re not required to restart and apply a change immediately. This permits you to perform multiple installs or removals before restarting and applying the changes. But when you’re finished making changes, you must select Restart to Apply Saved Changes to restart the system and finish your update. Before you begin, make sure there are no active conferences and you’re prepared to restart the system when you’re finished.

To install a certificate for a trusted root CA

1Go to Admin > Local Cluster > Certificates.

The installed certificates are listed. The Trusted Root CA entries, if any, represent the certificate authorities whose public certificates are already installed on the RealPresence DMA system and are thus trusted.

Polycom, Inc.

46

Page 46
Image 46
Polycom 3725-76302-001O manual Certificate Procedures, Install a Certificate Authority’s Certificate