Configuring Mutual Tls Authentication; Tls For Sip Clients - AudioCodes Mediant 800B User Manual
Analog & digital voip media gateway
Hide thumbs
Also See for Mediant 800B:
- User manual (1338 pages) ,
- Installation and maintenance manual (104 pages) ,
- Hardware installation manual (56 pages)
Table of Contents
Advertisement
3.
Click the Import button, and then select the certificate file to load.
Figure 10-9: Importing Certificate into Trusted Certificates Store
4.
Click OK; the certificate is loaded to the device and listed in the Trusted Certificates
store.
You can also do the following with certificates that are in the Trusted Certificates store:
Delete certificates: Select the required certificate, click Remove, and then in the
Remove Certificate dialog box, click Remove.
Save certificates to a file on your PC: Select the required certificate, click Export, and
then in the Export Certificate dialog box, browse to the folder on your PC where you
want to save the file and click Export.
10.1.7 Configuring Mutual TLS Authentication
10.1.7.1 TLS for SIP Clients
When Secure SIP (SIPS) is implemented using TLS, it is sometimes required to use two-
way (mutual) authentication between the device and a SIP user agent (client). When the
device acts as the TLS server in a specific connection, the device demands the
authentication of the SIP client's certificate. Both the device and the client use certificates
from a CA to authenticate each other, sending their X.509 certificates to one another during
the TLS handshake. Once the sender is verified, the receiver sends its' certificate to the
sender for verification. SIP signaling starts when authentication of both sides completes
successfully.
TLS mutual authentication can be configured for specific calls by enabling mutual
authentication on the SIP Interface used by the call. The TLS Context associated with the
SIP Interface or Proxy Set belonging to these calls are used.
Note:
SIP mutual authentication can also be configured globally for all calls, using the
'TLS Mutual Authentication' parameter (SIPSRequireClientCertificate) in the General
Security Settings page (Configuration tab > VoIP menu > Security > General
Security Settings).
To configure mutual TLS authentication for SIP messaging:
1.
Enable two-way authentication on the specific SIP Interface:
a.
In the SIP Interface Table page (see Configuring SIP Interfaces on page 244), set
the 'TLS Mutual Authentication' parameter to Enable for the specific SIP
Interface.
b.
Click Submit, and then reset the device with a burn-to-flash for your settings to
take effect.
User's Manual
Mediant 800B Gateway and E-SBC
98
Document #: LTRT-10278
Hide quick links:
Advertisement
Table of Contents
