RealPresence Collaboration Server (RMX) 1500/1800/2000/4000 Administrator’s Guide
Polycom®, Inc. 807
4 Optional. If CSR was selected as the Certificate Method:
a Click Create Certificate Request.
The Create Certificate Request dialog box is displayed with the Common Name field filled in.
b Complete the Certificate Request fields.
The two additional fields are defined as:
Subject Alternative Name (SAN) - This field is required when using EAP-TLS in conjunction
with a Network Policy Server (MS-NPS). It allows the optional inclusion of:
- Principle Name
- DNS Name:
Long – FQDN
Short - Host only
- IP Address (IPv4 and IPv6)
When the Subject Alternative Name (SAN) check box is selected the input box becomes
active, allowing the user to modify the example values provided, to match local certificate
requirements and delete those that are not applicable.
The user can add up to 20 different SANs. If an incorrect SAN type is entered, an error
message, Unsupported SAN type, is displayed when the Send Details button is clicked.
Hash Method - Select the output value for the Secure Hash Algorithm:
- SHA-256 the output value is 256 bits.
- SHA-1 the output value is 160 bits.
For backward compatibility, with previous versions, either SHA-1 or SHA-256 can be selected
as the hash algorithm used in the creation of CSRs (Certificate Signing Requests).
5Click Send Certificate.
For all certificates, both Management and SIP TLS:
● Once the certificate is sent a message is displayed indicating successful installation of the certificate
and the new certificate replaces the old certificate.
● If the certificate installation fails the old certificate continues to function and a message is displayed
indicating one of the following the reasons for the failure:
Invalid password.
Certificate expired.
Certificate DNS name does not match Collaboration Server (service) DNS name.
Chain is not trusted
The SAN field option - DNS Name (FQDN) is not used for Machine Account validation. For example,
the DMA will not validate the Collaboration Server unless the FQDN field in the User Properties
dialog box is correctly filled in.