Manualshelf

User`s manual

ManualsBrandsAudioCodes ManualsNetworkingMediant 1000
331332333334335336337338339340
H.323 User's Manual 13. Security
Version 5.0 333 December 2006
¾ To install a client certificate, take these 6 steps:
1. Before continuing, set HTTPSOnly = 0 to ensure you have a method of accessing the
device in case the client certificate doesn’t work. Restore the previous setting after
testing the configuration.
2. Open the ‘Certificates’ screen (Advanced Configuration menu > Security Settings
submenu > Certificates option); the ‘Certificates’ screen is displayed (Figure 13-9).
3. To load the Trusted Root Certificate file locate the trusted root certificate loading
section.
4. Click Browse and navigate to the file, click Send File.
5. When the operation is completed, set the ini file parameter,
HTTPSRequireClientCertificates = 1.
6. Save the configuration (Section 5.9.2 on page 193) and restart the Mediant 1000.
When a user connects to the secure Web server:
If the user has a client certificate from a CA listed in the Trusted Root Certificate file,
the connection is accepted and the user is prompted for the system password.
If both the CA certificate and the client certificate appear in the Trusted Root
Certificate file, the user is not prompted for a password (thus providing a single-sign-
on experience - the authentication is performed using the X.509 digital signature).
If the user doesn’t have a client certificate from a listed CA, or doesn’t have a client
certificate at all, the connection is rejected.
Notes:
The process of installing a client certificate on your PC is beyond the
scope of this document. For more information, refer to your Web
browser or operating system documentation, and/or consult your
security administrator.
The root certificate can also be loaded via ini file using the parameter
‘HTTPSRootFileName’.