Polycom DOC2702A User Manual
Polycom RealPresence Collaboration Server (RMX) 1500/2000/4000 Administrator’s Guide
F-8
Polycom, Inc.
It is important to verify that the external database application is operating in secure mode
before enabling secure external database communications on the MCU. The MCU checks the
validity of external database’s certificate before communicating. If there is a certificate error
an Active Alarm is raised with Error in external database certificate in the description field.
To enable secure MCU Communications with an External Database:
4
To enable secure MCU Communications with an External Database:
4
Set the MCU to communicate with the database server via port 443 by setting the value
of the System Flag EXTERNAL_DB_PORT in system.cfg to 443.
For more information see "Modifying System Flags” on page
For more information see "Modifying System Flags” on page
(PKI) Public Key Infrastructure
PKI (Public Key Infrastructure) is a set of tools and policies deployed to enhance the security
of data communications between networking entities.
Unique Certificates for all Networked Entities
The implementation of PKI on the MCU has been enhanced to ensure that all networked
entities are checked for the presence of unique certificates by implementing the following
rules and procedures during the TLS negotiation:
•
•
The MCU identifies itself with the same certificate when operating as a server and as a
client.
•
The MCU’s management applications: RealPresence Collaboration Server Web Client and
RMX Manager, identify themselves with certificates.
•
While establishing the required TLS connection, there is an exchange of certificates
between all entities.
•
Entities such as CMA and DMA that function as both client and server within the
Management Network identify themselves with the same certificate for both their client
and server functions.
The following diagram illustrates the certificate exchange during the TLS connection
procedure.