AudioCodes Mediant 2000 User Manual page 534
Voip media gateway
Hide thumbs
Also See for Mediant 2000:
- User manual (662 pages) ,
- Installation manual (44 pages) ,
- Hardware installation manual (30 pages)
Table of Contents
Advertisement
Parameter
Web: TLS Client Verify
Server Certificate
EMS: Verify Server
Certificate
[VerifyServerCertificate
]
Web: Strict Certificate
Extension Validation
[RequireStrictCert]
Web/EMS: TLS Remote
Subject Name
[TLSRemoteSubjectNa
me]
Web: Client Cipher
String
[TLSClientCipherString
]
[TLSPkeySize]
User's Manual
TLSRemoteSubjectName. If a match is found, the connection is
established. Otherwise, the connection is terminated.
Note: If you set this parameter to [2] (Server & Client), for this
functionality to operate, you also need to set the
SIPSRequireClientCertificate parameter to [1] (Enable).
Determines whether the device, when acting as a client for TLS
connections, verifies the Server certificate. The certificate is verified with
the Root CA information.
[0] Disable (default)
[1] Enable
Note: If Subject Name verification is necessary, the parameter
PeerHostNameVerificationMode must be used as well.
Enables the validation of the extensions (keyUsage and
extentedKeyUsage) of peer certificates. This validation ensures that the
signing CA is authorized to sign certificates and that the end-entity
certificate is authorized to negotiate a secure TLS connection.
[0] Disable (default)
[1] Enable
Defines the Subject Name that is compared with the name defined in the
remote side certificate when establishing TLS connections.
If the SubjectAltName of the received certificate is not equal to any of the
defined Proxies Host names/IP addresses and is not marked as 'critical',
the Common Name (CN) of the Subject field is compared with this value.
If not equal, the TLS connection is not established. If the CN uses a
domain name, the certificate can also use wildcards ('*') to replace parts
of the domain name.
The valid range is a string of up to 49 characters.
Note: This parameter is applicable only if the parameter
PeerHostNameVerificationMode is set to 1 or 2.
Defines the cipher-suite string for TLS clients.
The valid value is up to 255 strings. The default is "ALL:!ADH".
For example: TLSClientCipherString = 'EXP'
This parameter complements the HTTPSCipherString parameter (which
affects TLS servers). For possible values and additional details, refer to:
http://www.openssl.org/docs/apps/ciphers.html
Defines the key size (in bits) for RSA public-key encryption for newly
self-signed generated keys for SSH.
[512]
[768]
[1024] (default)
[2048]
534
Description
Document #: LTRT-68822
Mediant 2000
Advertisement
Table of Contents
Troubleshooting
