Reference11r1:Certificate names and trust relationships: Difference between revisions
Jump to navigation
Jump to search
(New page: == Applies To == This information applies to * all innovaphone devices from V11r1 == Overview == In TLS connections certificates are used for validating the identity of the server, or o...) |
(No difference)
|
Revision as of 12:24, 29 April 2015
Applies To
This information applies to
- all innovaphone devices from V11r1
Overview
In TLS connections certificates are used for validating the identity of the server, or optionally the client as well. The certificate validation involves the following two main types of checks:
- Trust
- Is the certificate itself in the trust list? Is any of the CAs in the certificate chain in the trust list?
- Naming
- Does one of the names in the certificate match the name of the remote endpoint? For example if you open
https://www.example.com
the web browser checks if the certificate contains "www.example.com" as a name.
This article summarizes the requirements to trust relationships and certificate names in different scenarios.
Registration using H323/TLS
Authentication using username and password
- Certificate of the PBX
no requirements
- Certificate of the Phone
no requrements
Authentication using certificate
- Certificate of the PBX
no requirements
- Certificate of the Phone
- has to be trusted by the PBX
- has to contain the registration name or the hardware ID (e.g. 0090332f688a or IP222-2f-68-8a) if no registaion name is configured.