Generating A Mini Certificate - Linksys RTP300 - Broadband Router With 2 Phone Ports Administration Manual

User guide

Hide thumbs Also See for RTP300 - Broadband Router With 2 Phone Ports:

Installation and troubleshooting manual (96 pages)

Product data (2 pages)

Quick installation (2 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

Table of Contents

The CA public key is used to verify the MC received from the other end. If the MC is invalid, the

call will not switch to secure mode. The MC and the 1024-bit CA public key are concatenated

and base64 encoded into the single parameter Mini Certificate. The 512-bit private key is base64

encoded into the SRTP Private Key parameter, which should be kept secret, like a password.

(Mini Certificate and SRTP Private Key are configured in the Line tabs.)

Because the secure call establishment relies on exchange of information embedded in message

bodies of SIP INFO requests/responses, the service provider must ensure that the network

infrastructure allows the SIP INFO messages to pass through with the message body

unmodified.

Generating a Mini Certificate

Linksys provides a Mini Certificate Generator for the generation of mini certificates and private

keys.

•

Partners in North America can find the Mini Certificate Generator on the SPA Utilities

page at the Linksys Partner Connection (LPC) at Linksys.com.

•

Partners in Europe, the Middle East, and Africa can find the Mini Certificate Generator on

the Firmware and Tools page at linksys-itsp.com.

NOTE: The partner sites require a logon.

The Mini Certificate Generator uses the following syntax:

gen_mc ca-key user-name user-id expire-date

Where:

•

is a text file with the base64 encoded 1024-bit CA private/public key pairs for

ca-key

signing/verifying the MC, such as the following:

9CC9aYU1X5lJuU+EBZmi3AmcqE9U1LxEOGwopaGyGOh3VyhKgi6JaVtQZt87PiJINKW8XQj3B9Qqe3VgYx

WCQNa335YCnDsenASeBxuMIEaBCYd1l1fVEodJZOGwXwfAde0MhcbD0kj7LVlzcsTyk2TZYTccnZ75TuTj

j13qvYs=

5nEtOrkCa84/mEwl3D9tSvVLyliwQ+u/Hd+C8u5SNk7hsAUZaA9TqH8Iw0J/

IqSrsf6scsmundY5j7Z5mK5J9uBxSB8t8vamFGD0pF4zhNtbrVvIXKI9kmp4vph1C5jzO9gDfs3MF+zjyY

rVUFdM+pXtDBxmM+fGUfrpAuXb7/k=

•

is the name of the subscriber, such as "Joe Smith". Maximum length is 32

user-name

characters

•

is the User ID of the subscriber, which must match exactly the user-id used in the

user-id

INVITE when making the call, such as "14083331234". The maximum length is 16

characters.

•

is the expiration date of the MC, such as "00:00:00 1/1/34" (34=2034).

expire-date

Internally the date is encoded as a fixed 12B string: 000000010134

Linksys ATA Administration Guide

Secure Call Implementation

Table of Contents

Chapters

Table of Contents

Generating A Mini Certificate - Linksys RTP300 - Broadband Router With 2 Phone Ports Administration Manual

Generating a Mini Certificate

Chapters

Troubleshooting

Related Manuals for Linksys RTP300 - Broadband Router With 2 Phone Ports

Related Content for Linksys RTP300 - Broadband Router With 2 Phone Ports

Table of Contents