Views

Improved Certificate Matching

The Wiki of Unify contains information on clients and devices, communications systems and unified communications. - Unify GmbH & Co. KG is a Trademark Licensee of Siemens AG.

Jump to: navigation, search

You are here:  

Icon linkarrow.gif Home  Icon linkarrow.gif Devices  Icon linkarrow.gif OpenStage  Icon linkarrow.gif Improved Certificate Matching
Systematics
Family: OpenStage
Model: OpenStage 15
OpenStage 20
OpenStage 40
OpenStage 60
OpenStage 80
Relation: SIP related
Phone related
API/SDK related
Release: V3 R0

For individual certificates provided by specific servers, the level of authentication can be configured.

  • When None is selected, no certificate check is performed.
  • With Trusted, the certificate is only checked against the signature credentials provided by the remote entity for signature, and the expiry date is checked.
  • When Full is selected, the certificate is fully checked against the credentials provided by the remote entity for signature, the fields must match the requested subject/usage, and the expiry date is checked.

The default option is Trusted.

The default CA certificate is no longer used. Support for a HTTPS certificate downloaded by the DLS has been added.

  • Secure file transfer sets the authentication level for the HTTPS server to be used.
  • Secure send URL sets the authentication level for the server to which special HTTP requests are sent on key press.
  • Secure SIP server sets the authentication level for the SIP server connected to the phone.
  • XML Applications sets the authentication level for the XML applications server

There are new Admin/DLS level configuration items to allow individual interfaces to be configured according the above. 

WBM admin > Security and Policies > Certificates > Authentication policy


OpenStage-Screen-AuthenticationPolicy.jpg

Retrieved from "http://wiki.unify.com/index.php?title=Improved_Certificate_Matching&oldid=34175"