The Certificates feature in the Vocera Platform Web Console enables a System Administrator to implement Secure Sockets Layer (SSL) protocol security for Internet communication.
Communication that passes through a public network is susceptible to surveillance as well as manipulation. Vocera is committed to ensuring communication traveling over the Internet is kept confidential and secure.
Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security over the Internet. An SSL certificate is a digital certificate issued to a server (or domain, such as *.vocera.com) by a trusted certification service known as a Certification Authority (CA).
SSL certificates are used to validate the identity of the server, and possibly the client. The certificate verifies the organization’s identity so that the client can securely connect to the server. This secure connection verifies that the server belongs to the identified organization, and that the communication between the server and client is encrypted.
A Certification Authority (CA) is an authority that issues SSL certificates. A CA certifies the ownership of a SSL certificate to it’s organization. The CA acts as a trusted third-party, responsible to both the certificate’s owner and the client relying upon the certificate. SSL certificates can be purchased from a CA (such as VeriSign, DigiCert, or Go Daddy), or an organization may have their own “Internal” Certificate Authority to manage SSL certificates.
Self-signed Certificates: Used for testing purposes. Not secure, not recommended in “production” environments. Using “out of box” SSL for Voice Server is self-signed.
Internal CA Signed Certificate: An SSL Certificate that has been signed by an Internal Certificate Authority within the organization. Used where a Public Key Infrastructure (PKI) is deployed on a organization’s network. Some Internal Certificate Authorities will be backed by a Public Signed Certificate.
Public Signed Certificate: An SSL Certificate that has been signed by a Trusted Third Party organization who validates the organization’s identity. These are recommended when access is made outside of the organization’s network.