Certificates and Security Profiles within a Provisioned System

When your RealPresence Group Series system is provisioned through the RealPresence Resource Manager system and you use PKI certificates, consider the following information. Be sure to enable provisioning after you follow the procedures applicable to each Security Profile type.

  • To use the Maximum Security Profile with provisioning:
    • The RealPresence Resource Manager system must be using Maximum Security Mode.

    • You must manually assign the Maximum Security Profile to the system during installation using the setup wizard, or afterwards using the system web interface.

    • You must use full PKI and observe the following procedures before you enable provisioning on the system:
      1. You must install a signed client certificate on the system to enable the provisioning connection to be authenticated by the RealPresence Resource Manager system.
      2. Decide whether to automatically validate web clients by enabling the Always Validate Peer Certificates from Browsers setting. If you do enable the setting, you'll need to install a signed server certificate and all of the CA certificates needed to validate browser certificates for all web clients. Then configure the certificate revocation method.
      3. Decide whether to validate servers by enabling the Always Validate Peer Certificates from Servers setting. If you do enable the setting, you must install of the CA certificates needed to validate server certificates from all remote servers. Then adjust the certificate revocation method accordingly. For example, you might need to load additional CRLs if you use the CRL revocation method).
  • To use the Medium or High Security Profile with provisioning:
    • The RealPresence Resource Manager system must be using commercial mode.

    • You must manually assign the Medium or High Security Profile to the system during installation using the setup wizard, or afterwards using the system web interface.

    • Configure PKI according to your company's guidelines.

  • To use the Low Security Profile with provisioning:
    • The RealPresence Resource Manager system must be using commercial mode.

    • You can enable provisioning in the setup wizard. All provisionable settings are taken from the RealPresence Resource Manager system.