When an encrypted connection (e. g. SIPS) is being set up, it is important to verify the authenticity of the server and, consequently, the identity of a web page. During setup of a connection the certificate provided by the server is checked against a root certificate stored in the PBX.

A difference is made between root certificate and PBX certificate.

Root certificates are imported into the PBX and are used to validate all subordinated certificates. When renewing the root certificate, a new fingerprint is generated automatically.

PBX certificates are generated by the PBX itself. A PBX certificate can not be saved when a change is made, it must be renewed. Period of validity and fingerprint of the certificate are changed.