beautypg.com

Security, Overview, Enabling security – TANDBERG Security Camera User Manual

Page 165: Manage security certificates

background image

165

D14049.03
MAY 2008

Grey Headline (continued)

TANDBERG

VIDEO COMMUNICATIONS SERVER

ADMINISTRATOR GUIDE

Introduction

Getting Started

Overview and

Status

System

Configuration

VCS

Configuration

Zones and

Neighbors

Call

Processing

Bandwidth

Control

Firewall

Traversal

Maintenance

Appendices

Security

For extra security, you may wish to have the
VCS communicate with other systems (e.g.
servers such as LDAP servers or clients such
as SIP endpoints) using TLS encryption.

For this to work successfully in a connection
between a client and server:

the server must have a certificate installed

that verifies its identity. This certificate
must be signed by a Certificate Authority
(CA).
the client must trust the CA that signed the

certificate used by the server.

The VCS allows you to install appropriate files
so that it can act as either a client or a server
in connections using TLS.

Select the file containing...

Allows you to upload a PEM file that identifies
the list of Certificate Authorities trusted by
the VCS. The VCS will only accept certificates
signed by a CA on this list. If you are
connecting to an LDAP database using TLS
encryption, the certificate used by the LDAP
database must be signed by a CA on this list.

Upload CA certificate

Click here once you have selected the file to
upload it.

Select the server private key file

Allows you to upload a PEM file that identifies
the private key used to encrypt the server
certificate used by the VCS. This private key
must not be password protected.

Select the server certificate file

Allows you to upload a PEM file that
contains the server certificate used for
HTTPS connections to the VCS from user
or administrator web browsers, and by SIP
endpoints or servers connecting to the VCS
over TLS.

Show server certificate

Shows you the currently uploaded PEM file containing the certificate used by the VCS to identify
itself to SIP and HTTPS clients when communicating over SSL/TLS.

Overview

To enable security using the web interface:

Maintenance > Security

.

You will be taken to the

Security

page.

Upload server certificate data

Click here once you have selected the files to
upload them.

Enabling Security

Show CA certificate

Shows you the currently uploaded PEM file
that identifies the list of Certificate Authorities
trusted by the VCS.

The files that enable secure
connections over TLS are installed via
the web interface. They cannot be

installed using the CLI.

See also other documents in the category TANDBERG Video surveillance systems: