You can change the certificate installed on the Sonus SBC 1000/2000 system by obtaining the signed certificate from a Trusted CA or from a local Stand-Alone Windows Certificate Authority, and importing it as outlined in the instructions on this page.
Before importing a new Signed Server Certificate, you must first import a valid Trusted CA Certificate.
SHA2-256 Certificate Compatibility
SHA2-256 CA Certificates may be used for the SBA, SBC, and Lync 2013 Servers. Lync 2010 requires that all devices employ ALL SHA1 Certificates. For more information see the Microsoft SHA1 Deprecation Policy.
In the left navigation pane, go to Security > SBC Certificates > Sonus Certificate.
This field displays the enhanced key usage regarding the purposes for which the subject's public key may be used.
TLS Web Server Authentication usage purpose is required in order to be compatible with some browsers.
Displays the key usage for defining the purposes of the key contained in the certificate.
Non-repudiation service purpose is disallowed in order to be compatible with some browsers.
To import an X.509 signed certificate:
Chose the import mode(Copy and Paste or File Upload) from the Mode pull-down menu.
To import a PKCS12 Certificate and Key:
Select PKCS12 Certificate and Key from the Importmenu at the top of the page.
Browse for the PKCS certificate and key file.
Once you have imported the Signed Server Certificate:
Ensure that the Verify Status field indicates OK.
If the Verify Status field does not indicate OK, repeat the steps aboveto obtain a valid certificate.