172
Configuring the phone via the Web configurator
Gigaset C590 IP / IM-OST EN / A31008-M2215-R601-1-TE19 / web-conf.fm / 22.12.10
V
e
rsion 4, 16.0
9
.2005
Making security settings – managing certificates for
TLS authentication
The phone supports the establishment of secure data connections on the Internet
with the TLS security protocol (Transport Layer Security). With TLS, the client (the
phone) uses certificates to identify the server. These certificates must be stored on
the base.
You can manage TLS certificates using the Web page:
Settings
¢
Telephony
¢
Security
This page contains the
Server Certificates / CA Certificates
lists. They contain the
certificates saved in the base. The certificates have either already been saved on the
base by default, or you have downloaded them to your base via the
Security
Web
page.
The
Invalid Certificates
list contains the certificates received from servers that have
not passed the certificate check when establishing a connection, and certificates
from the
Server Certificates /
CA Certificates lists that have become invalid
(e.g., because they have expired).
You can remove certificates and download new certificates to the base, and you can
also accept or reject invalid certificates.
If the connection to a data server on the Internet is not made because the phone
does not accept the certificate received from the server (e.g., when downloading
your e-mail messages from the POP3 server), you will be prompted to open the
Security
Web page.
The
Invalid Certificates
list contains the certificate used to make the connection.
You can display information on the certificate by marking it and clicking on the
[Details]
button. This information includes who issued the certificate (certification
authority) and who for, as well at its validity period.
You must use the information to decide whether to accept or reject the certificate.
If you accept the certificate, depending on its type, it is transferred to one of the
Server Certificates / CA Certificates
lists (even if it has already expired). If a server
responds again with this certificate, this connection is accepted immediately.
If you decline the certificate, it is transferred to the
Server Certificates
list with the
label
(rejected)
. If a server responds again with this certificate, this connection is
rejected immediately.
Please note
Observe the following for good voice quality:
u
When making calls using VoIP, avoid performing other Internet activities
(e.g., surfing the Internet).
u
Please note that voice delays can occur depending on the codec used and
the network capacity utilisation.