Certificate Signing Request Requirements

Whether you need to generate a client-type CSR, a server-type CSR, or both depends on which features and services you intend to use, and whether your network environment supports certificate-based authentication for those services. In most cases, both certificates are needed for RealPresence Group Series systems.

For example, if your system is configured to use any of the following features, and the servers providing those services perform certificate-based authentication before allowing access to them, you must create a client-type CSR and add the resulting certificate signed by the CA:
  • RealPresence Resource Manager system Provisioning

  • RealPresence Resource Manager system Monitoring

  • RealPresence Resource Manager system LDAP Directory

  • RealPresence Resource Manager system Presence

  • Calendaring

  • SIP

  • 802.1X

The system web server uses the server-type CSR and resulting certificate whenever a user attempts to connect to the system web interface. The web server does so by presenting the server certificate to the browser to identify the system to the browser as part of allowing the browser to connect to the system. The browser's user needs the server certificate if he or she wants to be certain about the identity of the system he or she is connecting to. Settings in the web browser typically control the validation of the server certificate, but you can also validate the certificate manually.

To obtain a client or server certificate, you must first create a CSR. You can create one client and one server CSR and submit each to the appropriate CA for signing. After the CSR is signed by a CA, it becomes a certificate you can add to the system.