System Security
Polycom, Inc. 40
Frequently Asked Questions
Q. Is it secure to send my certificate request through email?
A. Yes. The certificate request, signed certificate, intermediate certificates, and authority certificates
that are sent through email don’t contain any secret information. There is no security risk in letting
untrusted third parties see their contents.
As a precaution, you can verify the certificate fingerprints (which can be found in the Certificate
Details popup) with the certificate authority via telephone. This ensures that a malicious third party
didn’t substitute a fake email message with fake certificates.
Q. Why doesn’t the information on the Certificate Details popup match the information that I filled out
in the signing request form?
A. Commercial certificate authorities routinely replace the organizational information in the certificate
with their own slightly different description of your organization.
Q. I re-installed the Polycom RealPresence DMA system software. Why can’t I re-install my signed
public certificate?
A. X.509 certificates use public/private key pair technology. The public key is contained in your public
certificate and is provided to any web browser that asks for it. The private key never leaves the
Polycom RealPresence DMA system.
As part of software installation, the Polycom RealPresence DMA system generates a new
public/private key pair. The public key from your old key pair can’t be used with the new private key.
To re-use your signed public certificate, try restoring from backup. Both the public and private keys
are saved as part of a backup file. Alternatively, if the certificate you want to reinstall is a PKCS#12
certificate, it contains a private key and will replace both the public key and the private key generated
at installation time.
See also:
System Security
Certificate Settings
Certificate Procedures