Polycom 2000 Security Camera User Manual


  Open as PDF
of 1183
 
RealPresence Collaboration Server (RMX) 1500/1800/2000/4000 Administrator’s Guide
Polycom®, Inc. 812
Revocation Method
One of three Certificate Revocation Methods can be selected:
NONE (Default) - Certificate Revocation is not implemented.
CRL - Requires at least one CRL file be installed, failing which an error message, At least one CRL
should be installed, is displayed.
OCSP - When selected, additional configuration options are displayed.
Global Responder URL
The format of the URL is validated and must be of the format:
http(s)://responder.example.com/ocsp
The URL can be either http or https.
If the Global Responder URL does not respond an Active Alarm is raised.
Use Responder Specified in Certificate
The default for this check box is unchecked.
If the check box is checked Responder URL is taken from the certificate. If the certificate does
not contain a Responder URL, the Global Responder URL is used.
If the check box is unchecked the Global Responder URL is used. If the Global Responder
URL is incorrectly configured a message, Global responder URL must be configured, is
displayed.
Allow Incomplete Revocation Checks
If OCSP is selected:
If the check box is checked and the Global Responder or the Responder Specified in the
Certificate does not respond for any reason the certificate is not considered revoked.
If the check box is unchecked and the Global Responder or the Responder Specified in the
Certificate does not respond for any reason the certificate is considered revoked.
If CRL is selected:
If the check box is checked and the CRL of the specific CA is not loaded, all Certificates are
the CA are not considered revoked.
If the check box is unchecked and the CRL of the specific CA is not loaded, all Certificates
are the CA are considered revoked.
Skip Certificate Validation for OSCP Responder
No Certificate Validation is performed.
System Flag:
Should intermittent login pr
ob
lems occur when logging in to the Collaboration Server’s Management
Network, the OCSP_RESPONDER_TIMEOUT system flag can be manually added to system.cfg
and its value set to the number of seconds the Collaboration Server is to wait for an OCSP response
from the OCSP Responder before failing the connection.
Default: 3 (seconds)
Range: 1-20 (seconds)