Aastra Telecom 9143i Series IP Phone User Manual


  Open as PDF
of 1184
 
Network Settings
4-44 41-001160-03, Rev 00, Releaes 2.4
IP Phone Administrator Guide
HTTPS Server Certificate Validation
The HTTPS client on the IP Phones support validation of HTTPS certificates.
This feature supports the following:
Verisign, GeoTrust, and Thawte signed certificates
User-provided certificates
Checking of hostnames
Checking of certificate expiration
Ability to disable any or all of the validation steps
Phone displays a message when a certificate is rejected (except on check-sync
operations)
All validation options are enabled by default.
Certificate Management
Aastra Provided Certificates
The phones come with root certificates from Verisign, GeoTrust, and Thawte
pre-loaded.
User Provided Certificates
The administrator has the option to upload their own certificates onto the phone.
The phone downloads these certificates in a file of .PEM format during boot time
after configuration downloads. The user-provided certificates are saved on the
phone between firmware upgrades but are deleted during a factory default. The
download of the User-provided certificates are based on a filename specified in
the configuration parameter, https user certificates (Trusted Certificates
Filename in the Aastra Web UI; User-provided certificates are not configurable
via the IP Phone UI).
Note: Certificates that are signed by providers other than Verisign,
GeoTrust or Thwate do not verify on the phone by default. The user can
overcome this by adding the root certificate of their certificate provider to
the use-provided certificate .PEM file.
Draft 1