CHAPTER 68 Configuration Parameters Reference
TLS Parameters
The Transport Layer Security (TLS) parameters are described in the table below.
'TLS Client Re-Handshake Interval'
configure network >
security-settings > tls-re-
hndshk-int
[TLSReHandshakeInterval]
'TLS Mutual Authentication'
configure network >
security-settings >
SIPSREQUIRECLIENTCERTIFICATE
[SIPSRequireClientCertificate]
'Peer Host Name Verification Mode'
configure network >
security-settings >
PEERHOSTNAMEVERIFICATIONMODE
[PeerHostNameVerificationMode]
Parameter
Table 68-24:TLS Parameters
Parameter
Mediant 1000 Gateway & E-SBC | User's Manual
Note: If this feature is configured for a
specific IP Profile, the settings of this
global parameter is ignored for calls
associated with the IP Profile.
Description
Defines the time interval (in minutes) between TLS
Re-Handshakes initiated by the device.
The interval range is 0 to 1,500 minutes. The default
is 0 (i.e., no TLS Re-Handshake).
Defines the device's mode of operation regarding
mutual authentication and certificate verification for
TLS connections.
■
[0] Disable = (Default)
✔
Device acts as a client: Verification of the
server's certificate depends on the
VerifyServerCertificate parameter.
✔
Device acts as a server: The device does
not request the client certificate.
■
[1] Enable =
✔
Device acts as a client: Verification of the
server certificate is required to establish the
TLS connection.
✔
Device acts as a server: The device
requires the receipt and verification of the
client certificate to establish the TLS
connection.
Note:
■
This feature can be configured per SIP Interface
(see
Configuring SIP
■
The SIPS certificate files can be changed using
the parameters HTTPSCertFileName and
HTTPSRootFileName.
Enables the device to verify the Subject Name of a
TLS certificate received from SIP entities for
authentication and establishing TLS connections.
■
[0] Disable (default)
■
[1] Server Only = Verify Subject Name only
when acting as a client for the TLS connection.
- 1141 -
Description
Interfaces).