A31003-D3000-M100-02-76A9, 11-2013
OpenScape Desk Phone IP V3R3, Phone Administration, Administrator Documentation
91
Administration
Security
3.4.6 Certificate Policy
Related Topics
Related Topics
•
Security
•
Online Certificate Check
•
Server Authentication Policy
3.4.6.1 Online Certificate Check
The Online Certificate Status Protocol (OCSP) is used to check if a certificate to
be used has been revoked. This protocol is used to query an Online Certificate
Status Responder (OCSR) at the point when the certificate is being validated. The
address of an OCSR can be configured on the phone and can also be obtained
from the certificate to be checked (which will have the priority).
When
OCSP check
is activated, the configured OCSR is requested to check if
the certificate has been revoked.
OCSR 1 address
specifies the IP address (or FQDN) of a primary OCSP
responder.
OCSR 2 address
specifies the IP address (or FQDN) of a secondary OCSP
responder.
Administration via WBM
Security and Policies > Certificates > Generic
Related Topics
Related Topics
•
Certificate Policy
3.4.6.2 Server Authentication Policy
For individual certificates provided by specific servers, the level of authentication
can be configured. When
None
is selected, no certificate check is performed.
With
Trusted
, the certificate is only checked against the signature credentials
provided by the remote entity for signature, and the expiry date is checked. When
Full
is selected, the certificate is fully checked against the credentials provided by
the remote entity for signature, the fields must match the requested subject/
usage, and the expiry date is checked.