Polycom RealPresence Collaboration Server (RMX) 1500/2000/4000 Administrator’s Guide
F-2 Polycom, Inc.
— Client Authentication
— Server Authentication
The certificate template used by your CA server may need modification to meet the RMX
requirements.
Certificate Requirements for Polycom Devices
Each Polycom device must have security certificates for the entire Chain Of Trust.
The RMX must have:
• The public certificate of each server in the CA Chain or hierarchy that issued its
certificate.
For example: RootCA IntermediateCA SubCA
The public certificates of the chain that issued the administrator’s identity certificate. For
example: UserRootCA UserIntermediateCA UserSubCA
Configure Certificate Management
Within a PKI environment, certificate revocation policies are used to ensure that certificates
are valid. Certificates can expire or be revoked for various reasons (RFC 5280).
The RMX enforces these certificate revocation policies through Certificate Revocation Lists
(CRLs). CRLs are required for each CA Chain in use by the RMX. These CRL files must be
kept current
Switching to Secure Mode
The following operations are required to switch the MCU to Secure Mode:
• Purchase and Install the SSL/TLS certificate
• Modify the Management Network settings
• Create/Modify the relevant System Flags
Purchasing a Certificate
Once a certificate is purchased and received it is stored in the MCU and used for all
subsequent secured connections.
To create/purchase a certificate:
1 In the RMX menu, click Setup > RMX Secured Communication > Create certificate
request.