User's Manual
106
Document #: LTRT-89729
Mediant 3000
5.
Copy the text and send it to your security provider. The security provider, also known
as Certification Authority or CA, signs this request and then sends you a server
certificate for the device.
6.
Save the certificate to a file (e.g., cert.txt). Ensure that the file is a plain-text file
containing the"‘BEGIN CERTIFICATE" header, as shown in the example of a Base64-
Encoded X.509 Certificate below:
-----BEGIN CERTIFICATE-----
MIIDkzCCAnugAwIBAgIEAgAAADANBgkqhkiG9w0BAQQFADA/MQswCQYDVQQGEw
JGUjETMBEGA1UEChMKQ2VydGlwb3N0ZTEbMBkGA1UEAxMSQ2VydGlwb3N0ZSBT
ZXJ2ZXVyMB4XDTk4MDYyNDA4MDAwMFoXDTE4MDYyNDA4MDAwMFowPzELMAkGA1
UEBhMCRlIxEzARBgNVBAoTCkNlcnRpcG9zdGUxGzAZBgNVBAMTEkNlcnRpcG9z
dGUgU2VydmV1cjCCASEwDQYJKoZIhvcNAQEBBQADggEOADCCAQkCggEAPqd4Mz
iR4spWldGRx8bQrhZkYhb7+4Q67ecf1janH7GcN/SXsfx7jJpreWUL
f7v7Cvpr4R7qIJcmdHIntmf7JPM5n6cDBv17uSW63er7NkVnMFHwK1QaGFLMyb
FkzaeGrvFm4k3lRefFhJgHYezYHf44LvPRPAq3o8pWDguJ
uZDIULPwvRw==
-----END CERTIFICATE-----
7.
Scroll down to the
Upload certificates files from your computer
group, click the
Browse
button corresponding to the 'Send Device Certificate...' field, navigate to the
cert.txt file, and then click
Send File
.
8.
After the certificate successfully loads to the device, save the configuration with a
device reset (see 'Saving Configuration' on page
); the Web interface uses the
provided certificate.
9.
Open the Certificates page again and verify that under the
Certificate information
group (at the top of the page), the 'Private key' read-only field displays "OK";
otherwise, consult your security administrator:
Figure
9-2: Private key "OK" in Certificate Information Group
10.
If the device was originally operating in HTTPS mode and you disabled it in Step 2,
then return it to HTTPS by setting the 'Secured Web Connection (HTTPS)' parameter
to
HTTPS Only
, and then reset the device with a flash burn.
Notes:
•
The certificate replacement process can be repeated when necessary
(e.g., the new certificate expires).
•
It is possible to use the IP address of the device (e.g., 10.3.3.1) instead
of a qualified DNS name in the Subject Name. This is not recommended
since the IP address is subject to change and may not uniquely identify
the device.
•
The device certificate can also be loaded via the Automatic Update
Facility by using the HTTPSCertFileName
ini
file parameter.
9.2
Loading a Private Key
The device is shipped with a self-generated random private key, which cannot be extracted
from the device. However, some security administrators require that the private key be
generated externally at a secure facility and then loaded to the device through
configuration. Since private keys are sensitive security parameters, take precautions to
Summary of Contents for Mediant 3000
Page 2: ......
Page 26: ...User s Manual 26 Document LTRT 89729 Mediant 3000 Reader s Note...
Page 27: ...Part I Getting Started with Initial Connectivity...
Page 28: ......
Page 40: ...User s Manual 40 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 41: ...Part II Management Tools...
Page 42: ......
Page 44: ...User s Manual 44 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 80: ...User s Manual 80 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 98: ...User s Manual 98 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 103: ...Part III General System Settings...
Page 104: ......
Page 113: ...Part IV General VoIP Configuration...
Page 114: ......
Page 144: ...User s Manual 144 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 164: ...User s Manual 164 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 222: ...User s Manual 222 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 224: ...User s Manual 224 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 275: ...Part V Gateway and IP to IP Application...
Page 276: ......
Page 278: ...User s Manual 278 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 399: ...Part VI Session Border Controller Application...
Page 400: ......
Page 402: ...User s Manual 402 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 464: ...User s Manual 464 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 465: ...Part VII Stand Alone Survivability Application...
Page 466: ......
Page 474: ...User s Manual 474 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 494: ...User s Manual 494 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 497: ...Part VIII IP Media Capabilities...
Page 498: ......
Page 501: ...Part IX High Availability System...
Page 502: ......
Page 515: ...Part X Maintenance...
Page 516: ......
Page 522: ...User s Manual 522 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 524: ...User s Manual 524 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 552: ...User s Manual 552 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 562: ...User s Manual 562 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 565: ...Part XI Status Performance Monitoring and Reporting...
Page 566: ......
Page 578: ...User s Manual 578 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 609: ...Part XII Diagnostics...
Page 610: ......
Page 624: ...User s Manual 624 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 626: ...User s Manual 626 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 638: ...User s Manual 638 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 639: ...Part XIII Appendix...
Page 640: ......
Page 864: ...User s Manual 864 Document LTRT 89729 Mediant 3000 Reader s Notes...
Page 871: ...Version 6 6 871 Mediant 3000 User s Manual 55 Selected Technical Specifications Reader s Notes...