Using the Factory-Installed Certificate

A factory-installed device certificate is installed at the time of manufacture and is unique to a device (based on the MAC address) and signed by the Polycom Certificate Authority (CA).

Since it is installed at the time of manufacture, it is the easiest option for out-of-box activities, especially phone provisioning.

You can use the factory-installed certificate for all your security needs. To configure your web servers and/or clients to trust the Polycom factory-installed certificates, you must download the Polycom Root CA certificate, which is available at You may also need to download the Intermediate CA certificates if determined by the authenticating server.

The location of the Certificate Revocation List (CRL)—a list of all expired certificates signed by the Polycom Root CA—is part of the Polycom Root CA digital certificate. If you enable Mutual TLS, you must have a root CA download (the Polycom Root CA certificate or your organization's CA) on the HTTPS server.

The certificate is set to expire on March 9, 2044.

Note: For more information on using Mutual TLS with Microsoft Internet Information Services (IIS) 6.0, see Mutual Transport Layer Security Provisioning Using Microsoft Internet Information Services 6.0: Technical Bulletin 52609 at Polycom Engineering Advisories and Technical Notifications.