165
D14049.03
MAY 2008
Grey Headline (continu ed)
TANDBERG VIDEO COMMUNICATIONS SERVER
ADMINISTRATOR GUIDE
Introduction Getting Started Overview and
Status
System
Conguration
VCS
Conguration
Zones and
Neighbors
Call
Processing
Bandwidth
Control
Firewall
Traversal Maintenance Appendices
SecurityFor extra security, you may wish to h ave the
VCS communicate with other syst ems (e.g.
servers such as LDAP ser vers or clients such
as SIP endpoints) using TLS encry ption.
For this to work successfully in a co nnection
between a client and server:
the server must have a certi cate installed
• that veries its identity. This certi cate
must be signed by a Certica te Authority
(CA).
the client must trust the CA that sig ned the
• certicate used by the server.
The VCS allows you to install appropr iate les
so that it can act as either a client or a se rver
in connections using TLS.
Select the le containing...
Allows you to upload a PEM le that ident ies
the list of Certicate Auth orities trusted by
the VCS. The VCS will only accept cer ticates
signed by a CA on this list. If you are
connecting to an LDAP databas e using TLS
encryption, the cert icate used by the LDAP
database must be signed by a CA on this lis t.
Upload CA certicate
Click here once you have selected t he le to
upload it.
Select the server priva te key le
Allows you to upload a PEM le that ident ies
the private key used to encry pt the server
certicate used by the VCS. T his private key
must not be password protected.
Select the server cer ticate le
Allows you to upload a PEM le that
contains the server cer ticate used for
HTTPS connections to the VC S from user
or administrator web browsers, an d by SIP
endpoints or servers conn ecting to the VCS
over TLS.
Show server certica te
Shows you the currently upload ed PEM le containing the cer ticate used by the VCS to identi fy
itself to SIP and HTTPS client s when communicating over SS L/TLS.
Overview
To enable security using the web inter face:
Maintenance > Security
• .
You will be taken to the Security page.
Upload server certi cate data
Click here once you have selected t he les to
upload them.
Enabling Security
Show CA certicate
Shows you the currently upload ed PEM le
that identies the list of Cer ticate Authorities
trusted by the VCS.
The les that enable secure
connections over TLS are install ed via
the web interface. They cann ot be
installed using the CLI.