Set Up A Locally Significant Certificate - Cisco 8832 Administration Manual

Set Up a Locally Significant Certificate

Feature
AES 256 Encryption
Related Topics
Set Up a Locally Significant Certificate
Before you begin
Make sure that the appropriate Cisco Unified Communications Manager and the Certificate Authority Proxy
Function (CAPF) security configurations are complete:
• The CTL or ITL file has a CAPF certificate.
• In Cisco Unified Communications Operating System Administration, verify that the CAPF certificate is
• The CAPF is running and configured.
For more information about these settings, see the documentation for your particular Cisco Unified
Communications Manager release.
Procedure
Step 1 Obtain the CAPF authentication code that was set when the CAPF was configured.
Step 2
From the phone, choose Settings.
Step 3 Choose Admin Settings > Security Setup.
Cisco IP Conference Phone 8832 Administration Guide for Cisco Unified Communications Manager
72
Cisco Unified Communications Manager
installed.
Cisco IP Conference Phone Administration
Description
When connected to Cisco Unified Communications
Manager Release 10.5(2) and later, the phones support
AES 256 encryption support for TLS and SIP for
signaling and media encryption. This enables phones
to initiate and support TLS 1.2 connections using
AES-256 based ciphers that conform to SHA-2
(Secure Hash Algorithm) standards and are Federal
Information Processing Standards (FIPS) compliant.
The new ciphers are:
• For TLS connections:
• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
• For sRTP:
• AEAD_AES_256_GCM
• AEAD_AES_128_GCM
For more information, see the Cisco Unified
Communications Manager documentation.
Documentation, on page 12