Filter
Top Products
183
D14049.04
JULY 2008
Grey Headline (continued)
TANDBERG VIDEO COMMUNICATIONS SERVER
ADMINISTRATOR GUIDE
Introduction Getting Started
Overview and
Status
System
Conguration
VCS
Conguration
Zones and
Neighbors
Call
Processing
Bandwidth
Control
Firewall
Traversal
Appendices
Applications Maintenance
Security
For extra security, you may wish to have the
VCS communicate with other systems (e.g.
servers such as LDAP servers, neighbor VCSs,
or clients such as SIP endpoints) using TLS
encryption.
For this to work successfully in a connection
between a client and server:
the server must have a certicate installed
•
that veries its identity. This certicate
must be signed by a Certicate Authority
(CA).
the client must trust the CA that signed the
•
certicate used by the server.
The VCS allows you to install appropriate les
so that it can act as either a client or a server
in connections using TLS.
For an endpoint to VCS connection, the
VCS will be the TLS server. For a VCS
to LDAP server connection, the VCS will
be a client. For a VCS to VCS connection either
VCS may be the client with the other VCS being
the TLS server.
Select the le containing...
Allows you to upload a PEM le that identies
the list of Certicate Authorities trusted by
the VCS. The VCS will only accept certicates
signed by a CA on this list. If you are
connecting to an LDAP database using TLS
encryption, the certicate used by the LDAP
database must be signed by a CA on this list.
Upload CA certicate
Click here once you have selected the le to
upload it.
Select the server private key le
Allows you to upload a PEM le that identies
the private key used to encrypt the server
certicate used by the VCS. This private key
must not be password protected.
Select the server certicate le
Allows you to upload a PEM le that
contains the server certicate used for
HTTPS connections to the VCS from user
or administrator web browsers, and by SIP
endpoints or servers connecting to the VCS
over TLS.
Show server certicate
Shows you the currently uploaded PEM le containing the certicate used by the VCS to identify
itself to SIP and HTTPS clients when communicating over SSL/TLS.
Overview
To enable security using the web interface:
Maintenance > Security
•
.
You will be taken to the Security page.
Upload server certicate data
Click here once you have selected both the
private key and certicate les to upload them.
Enabling Security
Show CA certicate
Shows you the currently uploaded PEM le
that identies the list of Certicate Authorities
trusted by the VCS.
The les that enable secure
connections over TLS are installed via
the web interface. They cannot be
installed using the CLI.