Cisco TelePresence Administrator's Manual page 291

Video communication server

Maintenance
About security certificates
Enabling certificate-based authentication
The recommended procedure for enabling certificate-based authentication is described below:
1. Add the VCS's trusted CA and server certificate files (on the Trusted CA certificate and Server certificate pages, respectively).
2. Configure certificate revocation lists (on the CRL management page).
3. Use the Client certificate testing page to verify that the client certificate you intend to use is valid.
4. Set Client certificate-based security to Certificate validation (on the System administration page).
5. Restart the VCS.
6. Use the Client certificate testing page again to set up the required regex and format patterns to extract the username credentials from the certificate.
7. Only when you are sure that the correct username is being extracted from the certificate, set Client certificate-based security to Certificate-based authentication.
Authentication versus authorization
When the VCS is operating in certificate-based authentication mode, user authentication is managed by a process external to the VCS.
When a user attempts to log in to the VCS, the VCS will request a certificate from the client browser. The browser may then interact with a card reader to obtain the certificate from the smart card (or alternatively the certificate may already be loaded into the browser). To release the certificate from the card/browser, the user will typically be requested to authenticate themselves by entering a PIN. If the client certificate received by the VCS is valid (signed by a trusted certificate authority, in date and not revoked by a CRL) then the user is deemed to be authenticated.
To determine the user's authorization level (read-write, read-only and so on) the VCS must extract the user's authorization username from the certificate and present it to the relevant local or remote authorization mechanism.
The following diagram shows an example authorization and authentication process. It shows how a certificate is obtained from a card reader and then validated by the VCS. It then shows how the VCS obtains the user's authorization level from an Active Directory service.
Cisco VCS Administrator Guide (X8.1.1)
Page 291 of 507
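The check behind steps 6 and 7 of the procedure, as an added example (not code from the Cisco guide or from the VCS): it applies a regex and a format pattern to a text rendering of a certificate and shows how a loose pattern extracts the issuer's CN instead of the user's. The sample certificate text, the `#group#` placeholder syntax, the function names and the use of Python's regex dialect are all assumptions of this example.

```python
import re

# Constructed sample: text rendering of a client certificate's key fields.
SAMPLE_CERT_TEXT = """\
Issuer: CN=Example Issuing CA, O=Example Corp
Validity
    Not Before: Jan  1 00:00:00 2024 GMT
    Not After : Jan  1 00:00:00 2026 GMT
Subject: CN=alice.admin, OU=Operations, O=Example Corp
"""

# Loose pattern: matches the first CN in the text, which is the issuer's.
LOOSE = r"CN=(?P<cn>[^,\n]+)"
# Anchored pattern: only a CN that appears on the Subject line.
ANCHORED = r"^Subject:.*?CN=(?P<cn>[^,\n]+)"


def extract_username(cert_text, regex, fmt):
    """Apply regex to the certificate text, then fill #group# placeholders in fmt.

    Returns None if the regex does not match or a placeholder refers to a
    group that captured nothing, so a bad pattern never yields a partial name.
    """
    match = re.search(regex, cert_text, re.MULTILINE)
    if match is None:
        return None
    groups = match.groupdict()
    missing = []

    def fill(placeholder):
        value = groups.get(placeholder.group(1))
        if not value:
            missing.append(placeholder.group(1))
            return ""
        return value

    username = re.sub(r"#(\w+)#", fill, fmt)
    return None if missing or not username else username


def ready_for_authentication_mode(cert_text, regex, fmt, expected_username):
    """Step 7 gate: True only when extraction yields exactly the expected account."""
    return extract_username(cert_text, regex, fmt) == expected_username


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("anchored", ANCHORED)):
        print(name, "->", extract_username(SAMPLE_CERT_TEXT, pattern, "#cn#"))
```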
