Tls Parameters - AudioCodes Mediant 800B MSBR User Manual
Multi-service business router; session border controller
Hide thumbs
Also See for Mediant 800B MSBR:
- User manual (1338 pages) ,
- Installation and maintenance manual (104 pages) ,
- Hardware installation manual (56 pages)
Table of Contents
Advertisement
67.4.4 TLS Parameters
The Transport Layer Security (TLS) parameters are described in the table below.
Parameter
TLS Contexts Table
Web: TLS Contexts Table
CLI: configure system > tls #
[TLSContexts]
Web: TLS Client Re-Handshake
Interval
EMS: TLS Re Handshake Interval
CLI: tls-re-hndshk-int
[TLSReHandshakeInterval]
Web: TLS Mutual Authentication
EMS: SIPS Require Client
Certificate
[SIPSRequireClientCertificate]
Web/EMS: Peer Host Name
Verification Mode
[PeerHostNameVerificationMode]
User's Manual
Table 67-27: TLS Parameters
Defines SSL/TLS certificates.
The format of the ini file table parameter is as follows:
[ TLSContexts ]
FORMAT TLSContexts_Index = TLSContexts_Name,
TLSContexts_TLSVersion, TLSContexts_ServerCipherString,
TLSContexts_ClientCipherString, TLSContexts_OcspEnable,
TLSContexts_OcspServerPrimary,
TLSContexts_OcspServerSecondary,
TLSContexts_OcspServerPort,
TLSContexts_OcspDefaultResponse;
[ \TLSContexts ]
For a detailed description of this table, see ''Configuring TLS
Certificate Contexts'' on page 109.
Defines the time interval (in minutes) between TLS Re-
Handshakes initiated by the device.
The interval range is 0 to 1,500 minutes. The default is 0 (i.e.,
no TLS Re-Handshake).
Defines the device's mode of operation regarding mutual
authentication and certificate verification for TLS connections.
[0] Disable = (Default)
Device acts as a client: Verification of the server's
certificate depends on the VerifyServerCertificate
parameter.
Device acts as a server: The device does not request
the client certificate.
[1] Enable =
Device acts as a client: Verification of the server
certificate is required to establish the TLS connection.
Device acts as a server: The device requires the receipt
and verification of the client certificate to establish the
TLS connection.
Notes:
For this parameter to take effect, a device reset is required.
This feature can be configured per SIP Interface (see
''Configuring SIP Interfaces'' on page 267).
The SIPS certificate files can be changed using the
parameters HTTPSCertFileName and
HTTPSRootFileName.
Determines whether the device verifies the Subject Name of a
remote certificate when establishing TLS connections.
[0] Disable (default).
[1] Server Only = Verify Subject Name only when acting as
a client for the TLS connection.
[2] Server & Client = Verify Subject Name when acting as a
800
Mediant 800B MSBR
Description
Document #: LTRT-12813
Advertisement
Chapters
Table of Contents
Troubleshooting
