Mitel Deutschland GmbH 68635RFP36U-01 User Manual
OM Management Portal (OMP)
149
SSL settings
•
Validate certificates: Enables or disables certificate validation. If enabled, the server certificate is
validated against trusted CA’s (signed by a CA from the Mozilla CA certificate list) and the configured
trusted certificates.
trusted certificates.
•
Validate expires: Enables or disables the validation of certificate expiry. When this parameter is
enabled, the client verifies whether or not a certificate has expired prior to accepting the certificate.
•
Validate host name: Enables or disables the validation of hostnames on the OMM.
•
Allow unconfigured trusted certificates: If enabled, this parameter disables any server certificate
validation as long as no trusted certificate was imported into the OMM. AXI commands in a received
configuration file may import such trusted certificates into the OMM.
configuration file may import such trusted certificates into the OMM.
•
Import certificates with first connection: If enabled (in conjunction with the Allow unconfigured
trusted certificates parameter), the trusted certificate will be imported from the cert chain delivered in
the server response without any validation, as long as no trusted certificate was imported previously
into the OMM.
the server response without any validation, as long as no trusted certificate was imported previously
into the OMM.
•
SSL version: The SSL protocol version to use for the configuration file server connection. Available
options are: TLS1.0, TLS1.1, TLS1.2 or AUTO, where AUTO accepts all protocol versions.
Daily automatic reload of configuration and firmware files
•
Active: Enables automatic reload of the configuration and resource files on a daily basis, at the
specified time.
•
Time of day: Time for scheduled reload of configuration and firmware files.
6.5.5.2 Provisioning certificates
Provisioning certificates are used for secure connections to configuration or firmware file servers that
support mutual authentication.
Provisioning certificates are used for secure connections to configuration or firmware file servers that
support mutual authentication.
A trusted certificate chain is used by the OMM to validate the server. This is required if the server has no
certificate derived from a trusted CA root certificate, where the OMM uses the Mozilla CA Certificate List.
If no server certificate is available, the validation against trusted and CA certificates can be disabled in
the certificate validation options (only encrypted TLS connection).
certificate derived from a trusted CA root certificate, where the OMM uses the Mozilla CA Certificate List.
If no server certificate is available, the validation against trusted and CA certificates can be disabled in
the certificate validation options (only encrypted TLS connection).
The local certificate chain plus the private key are provided from the OMM to servers requesting mutual
authentication. The private key file may be password protected.
authentication. The private key file may be password protected.