Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Maintenance
Some option keys require that the VCS is restarted before the option key will take effect. In such
cases you will receive a warning on the web interface, which will remain in place as a reminder until
the system has been restarted. However, you can continue to use and configure the VCS in the
meantime.
cases you will receive a warning on the web interface, which will remain in place as a reminder until
the system has been restarted. However, you can continue to use and configure the VCS in the
meantime.
Adding option keys using the CLI
To return the indexes of all the option keys that are already installed on your system:
n
xStatus Options
To add a new option key to your system:
n
xConfiguration Option [1..64] Key
Note: when using the CLI to add an extra option key, you can use any unused option index. If you
chose an existing option index, that option will be overwritten and the extra functionality provided by
that option key will no longer exist. To see which indexes are currently in use, type xConfiguration
option
chose an existing option index, that option will be overwritten and the extra functionality provided by
that option key will no longer exist. To see which indexes are currently in use, type xConfiguration
option
.
About security certificates
For extra security, you may want to have the VCS communicate with other systems (such as LDAP
servers, neighbor VCSs, or clients such as SIP endpoints and web browsers) using TLS encryption.
servers, neighbor VCSs, or clients such as SIP endpoints and web browsers) using TLS encryption.
For this to work successfully in a connection between a client and server:
n
The server must have a certificate installed that verifies its identity. This certificate must be signed
by a Certificate Authority (CA).
by a Certificate Authority (CA).
n
The client must trust the CA that signed the certificate used by the server.
The VCS allows you to install appropriate files so that it can act as either a client or a server in
connections using TLS. The VCS can also authenticate client connections (typically from a web
browser) over HTTPS. You can also upload certificate revocation lists (CRLs) for the CAs used to
verify LDAP server and HTTPS client certificates.
connections using TLS. The VCS can also authenticate client connections (typically from a web
browser) over HTTPS. You can also upload certificate revocation lists (CRLs) for the CAs used to
verify LDAP server and HTTPS client certificates.
n
For an endpoint to VCS connection, the VCS acts as the TLS server.
n
For a VCS to LDAP server connection, the VCS is a client.
n
For a VCS to VCS connection either VCS may be the client with the other VCS being the TLS
server.
server.
n
For HTTPS connections the web browser is the client and the VCS is the server.
TLS can be difficult to configure. For example, when using it with an LDAP server it is recommended
that you confirm that your system is working correctly before you attempt to secure the connection
with TLS. You are also recommended to use a third party LDAP browser to verify that your LDAP
server is correctly configured to use TLS.
that you confirm that your system is working correctly before you attempt to secure the connection
with TLS. You are also recommended to use a third party LDAP browser to verify that your LDAP
server is correctly configured to use TLS.
Note: be careful not to allow your CA certificates or CRLs to expire as this may cause certificates
signed by those CAs to be rejected.
signed by those CAs to be rejected.
See
for instructions about how to install certificates. Further information
is also available in the Certificate creation and use with VCS deployment guide [
].
Managing security certificates
The Security certificates page (
Maintenance > Certificate management > Security certificates
) is
used to manage the
used by the VCS when acting as either a client or a server in
connections using TLS, and when authenticating client connections over HTTPS.
Cisco VCS Administrator Guide (X6.1)
Page 197 of 401