Support User Manuals

Aastra Telecom 41-001343-02 IP Phone User Manual

Open as PDF

of 876

Administrator Level Options

3-33 41-001343-02 REV04 – 05.2014

Cert Validation Validate Certificates https validate certificates Enables or disables the HTTPS validation of certificates on the

phone. When this parameter is set to 1, the HTTPS client per-

forms validation on SSL certificates before accepting them.

Notes:

• If you are using HTTPS as a configuration method, and use a

self signed certificate, you must set this parameter to “0”

(disabled) before upgrading to Release 2.3 or later of the IP

Phones.

• If you are using HTTPS and the certificates are not valid or

are not signed by Verisign, Thawte, or GeoTrust, Comodo,

Entrust, or CyberTrust, the phones fail to download config-

uration files.

• Defining this parameter as "0" (disabled) significantly

reduces security for the provisioning process to encryption

only. Validation of the chain-of-trust (i.e. the originator of

the files) will not be performed if this feature is disabled.

Therefore, disabling HTTPS validation of certificates is only

recommended for troubleshooting purposes or when self-

signed certificates are in use.

For more information, see Chapter 4, “HTTPS Server Certifi-

cate Validation” on page4-36.

Check Expires Check Certificate Expira-

tion

https validate expires Enables or disables the HTTPS validation of the expiration of

the certificates. When this parameter is set to 1, the HTTPS cli-

ent verifies whether or not a certificate has expired prior to

accepting the certificate.

Note:

If the “https validate expires” parameter is set to enable, the

clock on the phone must be set for the phone to accept the

certificates.

For more information, see Chapter 4, “HTTPS Server Certifi-

cate Validation” on page4-36.

Check Hostnames Check Certificate Host-

names

https validate hostname Enables or disables the HTTPS validation of hostnames on the

phone.

For more information, see Chapter 4, “HTTPS Server Certifi-

cate Validation” on page4-36.

N/A Trusted Certificates

Filename

https user certificates Specifies a file name for a .PEM file located on the configura-

tion server. This file contains the User-provided certificates in

PEM format. These certificates are used to validate peer certif-

icates.

Note:

You must disable the “https validate certificates” parameter

in order for the phone to accept the User-provided certifi-

cates.

For more information, see Chapter 4, “HTTPS Server Certifi-

cate Validation” on page4-36.

Parameter In

IP Phone UI

Parameter in

Aastra Web UI

Parameters in Configuration

Files

Description

previous next