Specifications
A31003-D3000-M100-02-76A9, 11-2013
OpenScape Desk Phone IP V3R3, Phone Administration, Administrator Documentation 91
Administration
Security
3.4.6 Certificate Policy
Related To pics
Related Topics
• Security
• Online Certificate Check
• Server Authentication Policy
3.4.6.1 Online Certificate Check
The Online Certificate Status Protocol (OCSP) is used to check if a certificate to
be used has been revoked. This protocol is used to query an Online Certificate
Status Responder (OCSR) at the point when the certificate is being validated. The
address of an OCSR can be configured on the phone and can also be obtained
from the certificate to be checked (which will have the priority).
When OCSP check is activated, the configured OCSR is requested to check if
the certificate has been revoked.
OCSR 1 address specifies the IP address (or FQDN) of a primary OCSP
responder.
OCSR 2 address specifies the IP address (or FQDN) of a secondary OCSP
responder.
Administration via WBM
Security and Policies > Certificates > Generic
Related To pics
Related Topics
• Certificate Policy
3.4.6.2 Server Authentication Policy
For individual certificates provided by specific servers, the level of authentication
can be configured. When None is selected, no certificate check is performed.
With Trusted, the certificate is only checked against the signature credentials
provided by the remote entity for signature, and the expiry date is checked. When
Full is selected, the certificate is fully checked against the credentials provided by
the remote entity for signature, the fields must match the requested subject/
usage, and the expiry date is checked.