Polycom (RMX) 1500 User Manual
RealPresence Collaboration Server (RMX) 1500/1800/2000/4000 Administrator’s Guide
Polycom®, Inc.
801
Certificate Management
(PKI) Public Key Infrastructure
PKI (Public Key Infrastructure) is a set of tools and policies deployed to enhance the security of data
communications between networking entities.
communications between networking entities.
The implementation of PKI on the Collaboration Server has been enhanced to ensure that all networked
entities are checked for the presence of unique certificates by implementing the following rules and
procedures during the TLS negotiation:
entities are checked for the presence of unique certificates by implementing the following rules and
procedures during the TLS negotiation:
● The Collaboration Server identifies itself with the same certificate when operating as a server and as
a client.
● The Collaboration Server’s management applications: Collaboration Server Web Client and RMX
Manager, identify themselves with certificates.
● While establishing the required TLS connection, there is an exchange of certificates between all
entities.
● Entities such as CMA and DMA that function as both client and server within the Management
Network identify themselves with the same certificate for both their client and server functions.
● A single Certificate Repository is maintained for:
The Management Network Service.
SIP TLS Personal Certificates for each defined IP Network Service.
Trusted (CA) certificate for all TLS connections.
CRL for all TLS connections.
● SIP TLS certificates are validated against the CA.
● SIP TLS certificates are managed using CRL and Online Certificate Status Protocol (OCSP).
● SIP TLS certificates are managed using CRL and Online Certificate Status Protocol (OCSP).
Certificate revocation mode, whether by OCSP or CRL is managed using the i setting of the
Management Network.
SIP TLS is managed using the General TLS setting.
● The following certificate file formats are supported:
PEM
DER
PKCS#7/P7B
PKCS#12PFX