Configure certificate authorities

Prerequisites
  • Telephony > Plugin > All permission

Note: The digital certificates described in this article only apply to the BYOC Premises. For information on digital certificates for BYOC Cloud, see TLS trunk transport protocol specification.

Digital certificates ensure the identification of a trusted authority through encryption. Genesys Cloud supports two types of digital certificates: Managed and Remote.

Managed

There is only one managed digital certificate for your Genesys Cloud organization and it is set up and managed by Genesys. Genesys Cloud uses this managed certificate authority to create trusted TLS connections for components such as the Edge and managed phones. This managed certificate authority also allows remote SIP devices to trust and accept secure connections to External Trunks connected to the Edge.

Remote

You can add remote certificate authorities in Genesys Cloud by importing the digital certificate files issued to your organization. These remote digital certificates allow the Edge to trust a remote TLS endpoint.

Note: You cannot add, edit, or delete managed certificate authorities. The Type column identifies certificate authorities as managed or remote.

Add a remote certificate authority

There are two ways that you can import a remote digital certificate into Genesys Cloud.

  1. Click Admin.
  2. Under Telephony, click Certificate Authorities.
  3. Click Create New.
  4. Under Add Certificate Authority, select the appropriate option.
  • Click Browse.
  • Find the .crt file.
  • Click Open.
  • Copy the contents of your certificate file.
  • Paste the contents in the Enter Your Certificate Authority box.
  1. In the Select Service for Use boxtype or select the appropriate services from the list. 
  2. Click Save Certificate Authority.

Edit a remote certificate authority

You can edit a remote certificate authority by adding or deleting a service.

  1. Click Admin.
  2. Under Telephony, click Certificate Authorities.
  3. Click the check box next to the common name.
  4. Click Edit.
  5. In the Select Services for use box
    • To delete an existing service, select the service type and click Remove.
    • To add a new service, select the appropriate service type from the list. 
  6. Click Save Certificate Authority.

Delete a remote certificate authority

  1. Click Admin.
  2. Under Telephony, click Certificate Authorities.
  3. Click the check box next to the common name.
  4. Click Delete. A confirmation message appears.
  5. Click OK