TANDBERG Security Camera Security

165

D14049.03

MAY 2008

Grey Headline (continu ed)

TANDBERG VIDEO COMMUNICATIONS SERVER

ADMINISTRATOR GUIDE

Introduction Getting Started Overview and

Status

System

Conguration

VCS

Conguration

Zones and

Neighbors

Call

Processing

Bandwidth

Control

Firewall

Traversal Maintenance Appendices

Security

For extra security, you may wish to h ave the

VCS communicate with other syst ems (e.g.

servers such as LDAP ser vers or clients such

as SIP endpoints) using TLS encry ption.

For this to work successfully in a co nnection

between a client and server:

the server must have a certi cate installed

• that veries its identity. This certi cate

must be signed by a Certica te Authority

(CA).

the client must trust the CA that sig ned the

• certicate used by the server.

The VCS allows you to install appropr iate les

so that it can act as either a client or a se rver

in connections using TLS.

Select the le containing...

Allows you to upload a PEM le that ident ies

the list of Certicate Auth orities trusted by

the VCS. The VCS will only accept cer ticates

signed by a CA on this list. If you are

connecting to an LDAP databas e using TLS

encryption, the cert icate used by the LDAP

database must be signed by a CA on this lis t.

Upload CA certicate

Click here once you have selected t he le to

upload it.

Select the server priva te key le

Allows you to upload a PEM le that ident ies

the private key used to encry pt the server

certicate used by the VCS. T his private key

must not be password protected.

Select the server cer ticate le

Allows you to upload a PEM le that

contains the server cer ticate used for

HTTPS connections to the VC S from user

or administrator web browsers, an d by SIP

endpoints or servers conn ecting to the VCS

over TLS.

Show server certica te

Shows you the currently upload ed PEM le containing the cer ticate used by the VCS to identi fy

itself to SIP and HTTPS client s when communicating over SS L/TLS.

Overview

To enable security using the web inter face:

Maintenance > Security

• .

You will be taken to the Security page.

Upload server certi cate data

Click here once you have selected t he les to

upload them.

Enabling Security

Show CA certicate

Shows you the currently upload ed PEM le

that identies the list of Cer ticate Authorities

trusted by the VCS.

The les that enable secure

connections over TLS are install ed via

the web interface. They cann ot be

installed using the CLI.