Manualshelf

Specifications

ManualsBrandsAudioCodes ManualsComputer equipment310HD
181182183184185186187188189190
Administrator's Manual 27. Transport Layer Security and Certificate Management
27.2 Configuring TLS
This section describes how to configure TLS.
27.2.1 Configuring TLS using the Configuration file
This section describes how to configure TLS using the Configuration file.
27.2.1.1 Configuring TLS using a URI
This section describes how to configure TLS by directing the configuration to a URI location
of the CA Certificate and the Private key files.
Note: Before performing this procedure, ensure that you have uploaded the CA
certificate file and the Private key file to an accessible TFTP, FTP, HTTP,
or HTTPS server.
To configure TLS using a URI:
1. Open the configuration file using a text editor.
2. Specify the full URI of the CA Certificate file. For example:
provisioning/certificate/ca_uri= ftp://10.16.2.20/ca_cert.cer
3. Specify the full URI of the Private key file. For example:
provisioning/certificate/private_key_uri=
https://auth.com/certfiles/private_keys.cert
4. Save and close the file.
Table 27-1: SIP-over-TLS Parameters
Parameter Description
SIP Transport Protocol
[voip/signalling/sip/transport_protocol]
Specifies the SIP Transport protocol.
If using the ‘sip’ prefix, set to ‘TLS’
If using the ‘sips’ prefix, set to ‘TCP’
TLS Port
[voip/signalling/sip/tls_port]
Defines the local TLS SIP port for SIP messages.
The valid range is 1024 to 65535. The default value
is 5061.
If signaling protocol is set to TCP and we want to
activate TLS, this parameter should be enabled. In
this case we will use ‘sips’ prefix instead of “sip:”
/voip/signalling/sip/enable_sips
The URI for retrieving the private and public keys
(combined file). The certificate key must be included
in a separate file that can be downloaded to the
phone during provisioning.
Private Key and Certificate
[provisioning/certificate/private_key_uri]
For example:
provisioning/certificate/private_key_uri=certificate.cer
Notes:
The certificate file is downloaded only after boot
up, and not periodically.
If the certificate file is new, the phone reboots.
Version 2.0.0 183 October 2012