7.3.1. How to Configure Server Certificate Validation 
A new feature of OpenScape Mobile Pro Application allows users to configure Server certificate validation.
Prerequisites
In order to perform certificate validation, all entities involved in the validation
(OpenScape
Mobile Pro, UC Server, OpenScape Voice Server) must have a valid Root CA
certificate installed in the trusted root CA store and a valid certification
path too (i.e. none of the certificates in the certificate path is revoked or
its validity period is expired).
Step by Step
- In OpenScape Mobile Pro tap Settings.
- Tap Advanced settings and navigate to Certificate Management area.
- To allow OpenScape Mobile Pro to connect to the servers deemed untrustworthy by the
Certification Authorities, you have to turn on the option Allow Invalid
Certificates.This implies that the invalid Server certificates will be allowed and the connection establishment will continue by presenting a warning message to the user to accept or to reject the invalid certificate. If the user rejects the certificate, OpenScape Mobile Pro shall disconnect from the server. Otherwise, the connection to the correspondign server(s) will be established.
- To enhance the security by allowing OpenScape Mobile Pro to verify server certificates,
set the option Allow
Invalid Certificates to OFF.In that way, the users can accept and validate Server certificate during authentication process between OpenScape Mobile Pro and Mobile Façade Server (HTTP connection), and OpenScape Mobile Pro and Session Border Controller (SIP connection).
INFO:
If the Server certificate for Façade Server is found to be valid, but the Server certificate for SBC or OSV is invalid, OpenScape Mobile Pro shall operate in "Callback" mode (i.e. if the Allow Invalid Server Certificate option is set to OFF).
‣ Parent topic: Section 7.3. Server Certificate