Configuring the Deployment Tool for TLS | Siemens V1.2.33 instruction

Deployment Tool with TLS

Configuring the Deployment Tool for TLS

Press the button denoted by the Certificate Icon on the Operations Pane to view the TLS Configuration Dialogue.

The left-side of the dialogue shows a list of the various trusted CA certifi- cates held by the Deployment Tool to authenticate phones.

The icon denotes a trusted certificate, while the icon denotes a certificate which is invalid because today’s date is outside of its valid cal- endar period. The right-side of the dialogue shows the details of the cur- rently selected certificate. Any of these certificates can be used to authen- ticate phones. For security, the Deployment Tool controls the addition of new trusted certificates to the list. Certificates can be readily deleted from the list by pressing the “Delete Certificate” button, towards the bottom of the dialogue. This removes the currently selected certificate from the list.

The bottom of the dialogue shows the subject DN expected in the end-en- tity certificates received from the target phones.

The same DN is used by the Deployment Tool when configuring a batch of phones, so the name is not likely to be specific to any individual phone. The name is a sequence of identifiers, separated by commas. The identi- fiers can be in any order. Whitespace is ignored. The subject DN should not have a null value.

Exiting the dialogue prompts the user to save or undo the changes made to the list of trusted certificates or the subject DN. The trusted certificates and subject DN are held in files on the PC’s hard-disk.

86

Image 86

Siemens V1.2.33 manual Configuring the Deployment Tool for TLS

Contents

Administrator Manual Contents Help Functions Configuration TabOptiPoint types Deployment Tool with TLS Parameters Introduction IntroductionSupported Phones Requirements Screen ResolutionFTP Service Operating System Installing and Running the Program Installing and Running the ProgramInstalling the Program Click Start Installer for Windows Device List window Listing Connected IP PhonesListing Connected IP Phones Icons in the DeviceList window For the function Configure selected devicesIcons and Buttons Icons in the Operations window Creating a Device List CTRL+A or Specifying the Number of Scans Hiding List Columns Moving List Columns Column ContentsEditing a Device List Starting a Scan MAC address AddressStatus 164 Device type Resetting the Scan ResultStopping a Scan Saving a Deployment File Deleting an Entry from the Device ListSelecting a Device Group Loading the Deployment File CTRL+O or Configuration ConfigurationConfiguration Preparation Starting Configuration File Transfer tab Dialogs for optiPoint telephones Editing a Configuration Transfer file Saving settingsCTRL+S or Minutes for Transferring a ConfigurationAdministrator password Minutes for optiPoint 300 advance Log file Starting transferStopping transfer Verification Ctrl+B Saving and Loading Device GroupsSaving Device Groups Loading Device Groups Configuration OptiPoint 400 economy HFA OptiPoint typesOptiPoint 400 standard H450 OptiPoint 400 standard HFA OptiPoint 400 standard SIP Device type 400 standard SIP OptiPoint types Device type 400standardSIP Device type 410entryHFA, 410economyHFA OptiPoint 410 entry HFA, 410 economy HFAOptiPoint 410 standard HFA, 410 advance HFA Device type 410standardHFA, 410advanceHFA Device type 600officeHFA OptiPoint 600 office HFAOptiPoint 600 officeUP0/E Device type 600officeUP0/E OptiPoint 600 office SIP Device type 600officeSIP Help Functions Help FunctionsChecking the Status Status Messages Following status messages may appear Log File Audio/Visual Indications Configuration TabAlert Indications Contacts Dial Plan Country & LanguageDialling Codes Dial Plan 400 standard SIP V2.4, 600 office SIP File Transfer File Transfer 400 standard H450, 400 standard SIP 2.x/SIP File Transfer 410 standard HFA, 410 advance HFA Function Keys Http SettingsParameter Setting Key 1 to 10 or Instant Messaging IP Routing IP Routing 400 standard H450 Default gateway Route Gateway Mask DNS server address Kerberos Kerberos 400 standard SIP Key & Lamp Module 1/2 Messaging ServicesKeyset Operations Keyset Operations 400 standard SIP V2.4, 600 office SIP Miscellaneous PasswordsPasswords 600 office HFA, 600 office UP0/E, 600 office SIP Miscellaneous 410 standard HFA, 410 advance HFA Presence 400 standard SIP Personal DirectoryPresence Security Quality of ServiceQuality of Service 600 office UP0/E Security 400 standard SIP V2.4/SIP V3.0, 600 office SIP SIP Feature Configuration SelectedDialing Speech parameters Telephony Configuration 400 standard HFA, 400 economy HFA Telephony ConfigurationTelephony Configuration 400 standard H450 Parameter Setting PBX/Gateway Address Telephony Configuration 600 office HFA, 600 office UP0/E Time WAP Parameters Description Cancel mobility password Audio ModeBeep On SIP Server Error Area code Compression Codec Config filename prefixCodec Connection type Dhcp DSM application filename External access codeFTP password Emergency number Gatekeeper address H450 featuresFTP username Gatekeeper discovery address International dial prefix IM Session TimerImport personal directory Java midlet filename Layer 2 Default Layer 2 Voice/SignalingLayer 3 Voice/Signaling LAN/PC port mode Ldap Server Addr Line Key action modeLayer 2 Priority Ldap template name Loge filename New Domain PasswordOperating mode Mask Permit Decline Call Proximity TimerPBX/Gateway Address Port Number QoS L2/L3 Registration TimerPstn acces code Realm Rollover type Ring No Reply TimerRing Seen Timer Route Security window seconds Session TimerSecurity profile Server type SIP Registrar Port Snmp PasswordSIP Registrar Address SIP Routing Model Snmp Trap Port Subscriber PasswordSnmp Trap IP Address Sntp Server IP Address Terminating line preference System typeTag Time Trusted Certificates File Management Unused TimerUser Change Password Vlan Id User passwordWAP Mode Vlan Method Dial Plan Default RouteAbbreviations and Technical Terms DNS Epid FTP KDC HFAHttp LCD LANLdap LED MCU PasswordMAC MIB Pstn PBXPing RAM Snmp ROMSIP Sntp URL UDPURI Vlan WSP VoIPWAP Installation and Configuration Administration ScenariosConfiguring an FTP Server Administration Scenarios Administration Scenarios Certificates Deployment Tool with TLSPublic Key Asymmetric Cryptography Deployment Tool with TLS TLS Certificate File Formats Use of TLS by an IP Phone Operating the XML Management Interface over TLS Configuring the Deployment Tool for TLS Installing the Deployment Tool TLS Handshake Failure Transferring Certificates to Phones Selecting a File for Transfer Transferring a Server Key Material File Transferring a Client Trusted Certificates File Ref. No. A31003-A2056-A105-63-76A9