RMX 2000 Administrator's Guide Version 7.6.1 - Polycom

Offline Certificate Validation
Appendix F-Secure Communication Mode
Offline Certificate Validation has been enhanced to include the following rules and
procedures:
Peer Certificates
The diagram below illustrates the peer certificate validation procedure.
• The credentials of each certificate received from a networked peer are verified against a
repository of trusted certificates. (Each networked entity contains a repository of
trusted certificates.)
• The digital signature of the certificate’s issuing authority is checked along with the
certificate’s validity (expiration date).
Self Validation of Certificates
• The DNS name field in the entity’s certificate is checked for a match with the entity’s
DNS name.
• The date of the RMX’s certificate is checked for validity during power-up and when
connecting to management applications (RMX Web Client and RMX Manager).
Certificate Revocation List
• Each certificate received from a networked peer is verified against a repository of
revoked certificates. (Each networked entity contains a repository of revoked
certificates.
• Revocation certificates are checked against a list of trusted issuers.
• The digital signature of the issuing authority of the revocation certificate is verified.
Installing and Using Certificates on the RMX
The following certificate file formats are supported:
• PEM
• DER
• PKCS#7/P7B
• PKCS#12PFX
Polycom, Inc. F-9