MBG Client Certificates

This panel enables you to manage all Certificate Signing Requests (CSRs) in the queue of this server, and any signed certificates issued by this server's Certificate Authority (CA).

To begin the process of obtaining a certificate, the client application issues a CSR to the Mitel Networks CA on the MBG server. For details on how to do this, consult your application documentation. When the MBG server receives the CSR, it appears in a queue on the Certificate Management panel. You must then approve the CSR and issue the certificate by following the procedure found below. At the completion of these steps, authenticated connections will be possible.

If necessary, you may also reject CSRs that are pending approval, and revoke certificates that have previously been approved.

Note:

Before approving a CSR, you should establish the requester's identity by telephone or email. If you approve a CSR without being certain of the requester's identity, you may open a security breach in your network.
The MBG server is limited to accepting 50 concurrent CSRs.

Approve or Reject a Certificate Signing Request

To approve or reject a CSR:

Log into the MBG Server Manager.
Under Security, click MBG client certificates. Certificate requests waiting for approval appear under the heading Queued CSRs.
Click the Certificate ID link.
After confirming the requester, do one of the following:
- Click Cancel to return to the main screen without approving/rejecting the request.
- Click Approve to approve the CSR. Note: The approved CSR is listed as a certificate under the Approved Certificates list. It can take up to two minutes for the approved certificate to appear.
- Click Reject to remove the CSR from the list. Note: If you reject the request, the requester must regenerate it.

Revoke a Certificate

To revoke an approved certificate:

Generated certificate numbers are unique. If you need to re-issue a certificate for a specific requester (for example, in the case of hardware failure or theft), you must first revoke the existing certificate.

Note: Do not use this option to disable a set.

Log into the MBG Server Manager.
Under Security, click MBG client certificates. Approved certificates appear under the heading Approved Certificates.
Click the Certificate ID link and then click Revoke. The requester can now make another request.

View Details of Mitel's Signing Certificate

To view details regarding Mitel's signing certificate:

Log into the MBG Server Manager.
Under Security, click MBG client certificates.

View details at the top of the page:

Field Name	Details
Issuer	Lists the following information for the certificate authorization company that issued the certificate:
	C: country code
	ST: state or province
	L: locality name (for example: city name)
	O: name of the certificate authorization authority: “Mitel Networks”
	OU: name of the organizational unit
	CN: server host name
	Authority/email Address: email address of the Certificate Authority
Subject	Lists the following information for the certificate holder:
	C: country code
	ST: state or province
	L: locality (for example, city name)
	O: organization name (your company name)
	OU: organizational unit (for example, department name)
	CN: Web Proxy server hostname
Not before	Date and time when the certificate takes effect.
Not after	Date and time when the certificate expires.