System Security
Polycom, Inc. 41
Certificate Settings
The following table describes the fields on the Certificate Settings page.
Column Description
Enable OCSP Enables the use of Online Certificate Status Protocol as a means of obtaining the
revocation status of a certificate presented to the system.
If OCSP responder URL is not specified, the system checks the certificate’s
AuthorityInfoAccess (AIA) extension fields for the location of an OCSP responder:
• If there is none, the certificate fails validation.
• Otherwise, the system sends the OCSP request to the responder identified in the
certificate.
If OCSP responder URL is specified, the system sends the OCSP request to that
responder.
The responder returns a message indicating whether the certificate is good, revoked, or
unknown.
If OCSP certificate is specified, the response message must be signed by the specified
certificate’s private key.
OCSP responder URL Identifies the responder to be used for all OCSP requests, overriding the AIA field
values.
If OCSP certificate is specified, the response message must be signed by the specified
certificate’s private key.
OCSP certificate Select a certificate to require OCSP response messages to be signed by the specified
certificate’s private key.
Store OCSP
Configuration
Saves the OCSP configuration.
Identifier Common name of the certificate.
Purpose Kind of certificate:
• Server SSL is the RealPresence DMA system’s public certificate, which it presents to
identify itself. By default, this is a self-signed certificate, not trusted by other devices.
• Trusted Root CA is the root certificate of a certificate authority that the RealPresence
DMA system trusts.
• Intermediate CA is a CA certificate that trusted root CAs issue themselves to sign
certificate signing requests (reducing the likelihood of their root certificate being
compromised). If the RealPresence DMA system trusts the root CA, then the chain
consisting of it, its intermediate CA certificates, and the server certificate will all be
trusted.
Expiration Expiration date of certificate.