Certificate Requirements

When used with the Polycom Device Management Service for Enterprise, the Poly Cloud Relay requires valid PFX certificate that has full certificate chains.

Your certificate should meet the following requirements:
  • The certificate issued for the Poly Cloud Relay requires an Enhanced Key Usage (EKU) of Server Authentication (1.3.6.1.5.5.7.3.1).
  • Either the Subject (CN) or the Subject Alternative Name (DNS) must contain the FQDN used to reach the Poly Cloud Relay by the Polycom device.
  • Do not use IP addresses as identifying attributes for either the CN or SAN.
  • Multiple Poly Cloud Relays can leverage the same certificate as long as you define all the associated FQDNs within the Subject Alternative Name.
  • If a Polycom device connects directly to the Poly Cloud for configuration, you can use private Certification Authorities to sign the Poly Cloud Relay Certificates, as the Polycom Device Management Service for Enterprise can install the root CA.
  • If a Polycom device connects to the Poly Cloud through Poly Cloud Relay, Polycom recommends a Public Certification Authority signed certificate for installation on Poly Cloud Relay so that the Polycom device can talk to Poly Cloud Relay out of the box. If you use a private Certification Authority to sign the Poly Cloud Relay certificate, you must manually install the Platform Root CA on each device before you can provision it for software and configuration updates.