Administrator's Manual
27. Transport Layer Security and Certificate Management
27.2 Configuring TLS
This section describes how to configure TLS.
27.2.1 Configuring TLS using the Configuration file
This section describes how to configure TLS using the Configuration file.
27.2.1.1 Configuring TLS using a URI
This section describes how to configure TLS by directing the configuration to a URI location
of the CA Certificate and the Private key files.
Note:
Before performing this procedure, ensure that you have uploaded the CA
certificate file and the Private key file to an accessible TFTP, FTP, HTTP,
or HTTPS server.
¾
To configure TLS using a URI:
1.
Open the configuration file using a text editor.
2.
Specify the full URI of the CA Certificate file. For example:
provisioning/certificate/ca_uri= ftp://10.16.2.20/ca_cert.cer
3.
Specify the full URI of the Private key file. For example:
provisioning/certificate/private_key_uri=
https://auth.com/certfiles/private_keys.cert
4.
Save and close the file.
Table
27-1: SIP-over-TLS Parameters
Parameter
Description
SIP Transport Protocol
[voip/signalling/sip/transport_protocol]
Specifies the SIP Transport protocol.
x
If using the ‘sip’ prefix, set to ‘TLS’
x
If using the ‘sips’ prefix, set to ‘TCP’
TLS Port
[voip/signalling/sip/tls_port]
Defines the local TLS SIP port for SIP messages.
The valid range is 1024 to 65535. The default value
is 5061.
If signaling protocol is set to TCP and we want to
activate TLS, this parameter should be enabled. In
this case we will use ‘sips’ prefix instead of “sip:”
/voip/signalling/sip/enable_sips
The URI
for retrieving the private and public keys
(combined file). The certificate key must be included
in a separate file that can be downloaded to the
phone during provisioning.
Private Key and Certificate
[provisioning/certificate/private_key_uri]
For example:
provisioning/certificate/private_key_uri=certificate.cer
Notes:
ƒ
The certificate file is downloaded only after boot
up, and not periodically.
ƒ
If the certificate file is new, the phone reboots.
Version 2.0.0
183
October 2012
http://arttel.ru
Summary of Contents for 310HD
Page 2: ...http arttel ru ...
Page 17: ...Part I Configuration Tools http arttel ru ...
Page 18: ...310HD 320HD and 420HD IP Phones Reader s Notes http arttel ru ...
Page 35: ...Part II Automatic Provisioning http arttel ru ...
Page 36: ...Reader s Notes http arttel ru ...
Page 55: ...Part III Quick Setup http arttel ru ...
Page 56: ...Reader s Notes http arttel ru ...
Page 59: ...Part IV Networking http arttel ru ...
Page 60: ...Reader s Notes http arttel ru ...
Page 87: ...Part V VoIP Settings http arttel ru ...
Page 88: ...Reader s Notes http arttel ru ...
Page 161: ...Part VI Advanced Phone Settings http arttel ru ...
Page 162: ...Reader s Notes http arttel ru ...
Page 179: ...Part VII Security Settings http arttel ru ...
Page 180: ...Reader s Notes http arttel ru ...
Page 205: ...Part VIII Maintenance http arttel ru ...
Page 206: ...Reader s Notes http arttel ru ...
Page 217: ...Part IX Status and Monitoring http arttel ru ...
Page 218: ...Reader s Notes http arttel ru ...
Page 233: ...Part X Diagnostics and Troubleshooting http arttel ru ...
Page 234: ...Reader s Notes http arttel ru ...
Page 265: ...Part XI Appendices http arttel ru ...
Page 266: ...Reader s Notes http arttel ru ...