System Security

Certificate Settings

The following table describes the fields on the Certificate Settings page.

Column

Description

 

 

Enable OCSP

Enables the use of Online Certificate Status Protocol as a means of obtaining the

 

revocation status of a certificate presented to the system.

 

If OCSP responder URL is not specified, the system checks the certificate’s

 

AuthorityInfoAccess (AIA) extension fields for the location of an OCSP responder:

 

If there is none, the certificate fails validation.

 

Otherwise, the system sends the OCSP request to the responder identified in the

 

certificate.

 

If OCSP responder URL is specified, the system sends the OCSP request to that

 

responder.

 

The responder returns a message indicating whether the certificate is good, revoked, or

 

unknown.

 

If OCSP certificate is specified, the response message must be signed by the specified

 

certificate’s private key.

 

 

OCSP responder URL

Identifies the responder to be used for all OCSP requests, overriding the AIA field

 

values.

 

If OCSP certificate is specified, the response message must be signed by the specified

 

certificate’s private key.

 

 

OCSP certificate

Select a certificate to require OCSP response messages to be signed by the specified

 

certificate’s private key.

 

 

Store OCSP

Saves the OCSP configuration.

Configuration

 

 

 

Identifier

Common name of the certificate.

 

 

Purpose

Kind of certificate:

 

Server SSL is the RealPresence DMA system’s public certificate, which it presents to

 

identify itself. By default, this is a self-signed certificate, not trusted by other devices.

 

Trusted Root CA is the root certificate of a certificate authority that the RealPresence

 

DMA system trusts.

 

Intermediate CA is a CA certificate that trusted root CAs issue themselves to sign

 

certificate signing requests (reducing the likelihood of their root certificate being

 

compromised). If the RealPresence DMA system trusts the root CA, then the chain

 

consisting of it, its intermediate CA certificates, and the server certificate will all be

 

trusted.

 

 

Expiration

Expiration date of certificate.

 

 

Polycom, Inc.

41

Page 41
Image 41
Polycom 7000 manual Certificate Settings, Column Description