TLS Platform Profile and Application Profile Parameters

By default, all Polycom-installed profiles are associated with the default cipher suite and use trusted and widely recognized CA certificates for authentication.

The following table shows parameters for TLS Platform Profile 1. To configure TLS Platform Profile 2, use a 2 at the end of the parameter instead of a 1. For example, set device.sec.TLS.profile.caCertList2 instead of .caCertList1 .

You can use the parameters in the following table to configure the following TLS Profile feature options:
  • Change the cipher suite, CA certificates, and device certificates for the two platform profiles and the six application profiles.
  • Map profiles directly to the features that use certificates.
    Table 1. TLS Platform Profile and Application Profile Parameters

    Template

    Parameter

    Permitted Values

    Change Causes Restart or Reboot

    device.cfg, site.cfg

    device.sec.TLS.customCaCert1

    Specify a custom certificate.

    Null (default)

    String (maximum of 12288 characters)

    No

    device.cfg, site.cfg

    device.sec.TLS.profile.caCertList1

    Specify which CA certificates to use.

    Null (default)

    String (maximum of 1024 characters)

    No

    device.cfg, site.cfg

    device.sec.TLS.profile.cipherSuite1

    Specify the cipher suite.

    Null (default)

    String (maximum of 1024 characters)

    No

    device.cfg, site.cfg

    device.sec.TLS.profile.cipherSuiteDefault1

    Null (default)

    0 - Use the custom cipher suite.

    1 - Use the default cipher suite.

    No

    device.cfg, site.cfg

    device.sec.TLS.profile.deviceCert1

    Specify which device certificates to use.

    Builtin (default)

    Builtin, Platform1, Platform2

    No

    site.cfg

    sec.TLS.customCaCert.x

    The custom certificate for TLS Application Profile x (x= 1 to 6).

    Null (default)

    String

    No

    site.cfg

    sec.TLS.customDeviceKey.x

    The custom device certificate private key for TLS Application Profile x (x= 1 to 6).

    Null (default)

    String

    No

    site.cfg

    sec.TLS.profile.x.caCert.application1

    1 (default) - Enable a CA Certificate for TLS Application Profile 1.

    0 - Disable a CA Certificate for TLS Application Profile 1.

    No

    site.cfg

    sec.TLS.profile.x.caCert.application2

    1 (default) - Enable a CA Certificate for TLS Application Profile 2.

    0 - Disable a CA Certificate for TLS Application Profile 2.

    No

    site.cfg

    sec.TLS.profile.x.caCert.application3

    1 (default) - Enable a CA Certificate for TLS Application Profile 3.

    0 - Disable a CA Certificate for TLS Application Profile 3.

    No

    site.cfg

    sec.TLS.profile.x.caCert.application4

    1 (default) - Enable a CA Certificate for TLS Application Profile 4.

    0 - Disable a CA Certificate for TLS Application Profile 4.

    No

    site.cfg

    sec.TLS.profile.x.caCert.application5

    1 (default) - Enable a CA Certificate for TLS Application Profile 5.

    0 - Disable a CA Certificate for TLS Application Profile 5.

    No

    site.cfg

    sec.TLS.profile.x.caCert.application6

    1 (default) - Enable a CA Certificate for TLS Application Profile 6.

    0 - Disable a CA Certificate for TLS Application Profile 6.

    No

    site.cfg

    sec.TLS.profile.x.caCert.application7

    1 (default) - Enable a CA Certificate for TLS Application Profile 7.

    0 - Disable a CA Certificate for TLS Application Profile 7.

    No

    site.cfg

    sec.TLS.profile.x.caCert.defaultList

    Specifies the list of default CA Certificate for TLS Application Profile x (x=1 to 7).

    Null (default)

    String

    No

    site.cfg

    sec.TLS.profile.x.caCert.platform1

    1 (default) - Enable a CA Certificate for TLS Platform Profile 1.

    0 - Disable a CA Certificate for TLS Platform Profile 1.

    No

    site.cfg

    sec.TLS.profile.x.caCert.platform2

    1 (default) - Enable a CA Certificate for TLS Platform Profile 2.

    0 - Disable a CA Certificate for TLS Platform Profile 2.

    No

    site.cfg

    sec.TLS.profile.x.cipherSuite

    Specifies the cipher suite for TLS Application Profile x (x=1 to 8).

    Null (default)

    String

    No

    site.cfg

    sec.TLS.profile.x.cipherSuiteDefault

    1 (default) - Use the default cipher suite for TLS Application Profile x (x= 1 to 8).

    0 - Use the custom cipher suite for TLS Application Profile x (x= 1 to 8).

    No

    site.cfg

    sec.TLS.profile.x.deviceCert

    Specifies the device certificate to use for TLS Application Profile x (x = 1 to 7).

    Polycom (default)

    Platform1, Platform2, Application1, Application2, Application3, Application4, Application5, Application6,Application7

    No