NEC UNIVERGE SL2100 Manual page 23

Example Certificate Registration for SL2100 and SIP Extension
For this example we have used a Polycom VVX1500.
rd
We have also used a 3
The .pem and .key files are both loaded on the SL2100, just the .pem file is loaded on the extension.
Registration steps
This is a simple example that demonstrates in three steps how to use TLS transport layer security
between a standard SIP Terminal and SL2100 using a self-signed certificate.

Step 1: Generate SSL certificates using OpenSSL

Step 2: Configure SL2100 for TLS

Step 3: Configure standard SIP Terminal for TLS
If you would like to use an SSL certificate to secure a service but you do not require a CA-signed
certificate, a valid (and free) solution is to sign your own certificates.
A common type of certificate that you can issue yourself is a self-signed certificate. A self-signed
certificate is a certificate that is signed with its own private key. Self-signed certificates can be used to
encrypt data just as well as CA-signed certificates, but your users will be displayed a warning that says
that the certificate is not trusted if accessed by their computer or browser.
Therefore, self-signed certificates should only be used if you do not need to prove your service's
identity to its users (e.g. non-production or non-public servers).
 Copyright 2018 NEC Enterprise Solutions
All rights are reserved. Reproduction whole or in part is prohibited without the written consent of the copyright owner.
Party .pem and .key generator by OpenSSL from
UNIVERGE SL2100 Release 1.8 Overview
Exclusively for use by NEC Enterprise Solutions channel partners
https://www.openssl.org/
23 of 34