Improved Certificate Matching
The Wiki of Unify contains information on clients and devices, communications systems and unified communications. - Unify GmbH & Co. KG is a Trademark Licensee of Siemens AG.
|Model:|| OpenStage 15|
|Relation:|| SIP related|
For individual certificates provided by specific servers, the level of authentication can be configured.
- When None is selected, no certificate check is performed.
- With Trusted, the certificate is only checked against the signature credentials provided by the remote entity for signature, and the expiry date is checked.
- When Full is selected, the certificate is fully checked against the credentials provided by the remote entity for signature, the fields must match the requested subject/usage, and the expiry date is checked.
The default option is Trusted.
The default CA certificate is no longer used. Support for a HTTPS certificate downloaded by the DLS has been added.
- Secure file transfer sets the authentication level for the HTTPS server to be used.
- Secure send URL sets the authentication level for the server to which special HTTP requests are sent on key press.
- Secure SIP server sets the authentication level for the SIP server connected to the phone.
- XML Applications sets the authentication level for the XML applications server
There are new Admin/DLS level configuration items to allow individual interfaces to be configured according the above.
WBM admin > Security and Policies > Certificates > Authentication policy