...
In the left navigation pane, go to Media > DTLS-SRTP Profiles.
Click the Create DTLS-SRTP Profile icon.
Click OK.
...
Configures the number of seconds to wait for the DTLS handshake to complete. Valid entry: 1 - 60 seconds. Default entry: 5 10 seconds.
Hash Type
Hash Type is used to generate the fingerprint of the SBC X.509 certificate, which is included in the SIP offer message. The fingerprint binds the DTLS key exchange in the media plane to the signaling plane. Valid options:
- DTLS_MEDIA_CRYPTO_HASH_SHA1
- DTLS_MEDIA_CRYPTO_HASH_SHA224
- DTLS_MEDIA_CRYPTO_HASH_SHA256
- DTLS_MEDIA_CRYPTO_HASH_SHA384
- DTLS_MEDIA_CRYPTO_HASH_SHA512
- DTLS_MEDIA_CRYPTO_HASH_MD5
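How a fingerprint of this kind is computed and checked, as an added example that is not part of the original page or the SBC's own code: it hashes the DER certificate, formats the digest as an SDP `a=fingerprint` value (hash-function tokens per RFC 8122), and compares it with the certificate presented in the DTLS handshake. The certificate bytes, the SDP offer and the policy of refusing MD5 and SHA-1 are assumptions constructed for illustration.

```python
import hashlib
import hmac

# SDP hash-function tokens (RFC 8122) mapped to hashlib algorithm names.
SDP_HASHES = {
    "md5": "md5", "sha-1": "sha1", "sha-224": "sha224",
    "sha-256": "sha256", "sha-384": "sha384", "sha-512": "sha512",
}
# Assumption for this example: local policy refuses MD5 and SHA-1 fingerprints.
WEAK = {"md5", "sha-1"}


def fingerprint(cert_der: bytes, sdp_hash: str) -> str:
    """Return the colon-separated upper-case hex digest used in a=fingerprint."""
    digest = hashlib.new(SDP_HASHES[sdp_hash], cert_der).digest()
    return ":".join(f"{b:02X}" for b in digest)


def parse_fingerprint_attr(sdp: str):
    """Extract (hash-func, fingerprint) from the first a=fingerprint line."""
    for line in sdp.splitlines():
        if line.startswith("a=fingerprint:"):
            func, _, value = line[len("a=fingerprint:"):].strip().partition(" ")
            return func.lower(), value.strip().upper()
    raise ValueError("no a=fingerprint attribute in SDP")


def verify_peer_cert(sdp: str, cert_der: bytes, allow_weak: bool = False) -> bool:
    """True only if the DTLS peer certificate matches the signaled fingerprint."""
    func, signaled = parse_fingerprint_attr(sdp)
    if func not in SDP_HASHES:
        raise ValueError(f"unsupported hash function: {func}")
    if func in WEAK and not allow_weak:
        return False  # fingerprint present, but the hash is refused by policy
    return hmac.compare_digest(fingerprint(cert_der, func), signaled)


# Constructed stand-ins: real input is the DER encoding of the X.509 certificate.
CERT_DER = b"constructed-der-bytes-for-sbc-certificate"
OTHER_DER = b"constructed-der-bytes-for-other-certificate"
OFFER_SDP = "\r\n".join([
    "v=0",
    "m=audio 49170 UDP/TLS/RTP/SAVP 0",
    "a=fingerprint:sha-256 " + fingerprint(CERT_DER, "sha-256"),
]) + "\r\n"

if __name__ == "__main__":
    print(verify_peer_cert(OFFER_SDP, CERT_DER), verify_peer_cert(OFFER_SDP, OTHER_DER))
```

A certificate that does not hash to the signaled value fails the check, which is what ties the media-plane handshake to the offer carried in signaling.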
...
Specifies the cipher suite IDs (in order of preference) offered for security parameter negotiation with the peer; this list includes the cryptographic options supported by the client. Valid options:
- TLS_RSA_WITH_AES128_CBC_SHA
- TLS_RSA_WITH_AES256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA3
DTLS Connection Retry Interval
How long the client waits before attempting to connect to the DTLS server if the previous attempt failed. Valid entry: 100 - 500 ms. Default entry: 500 ms.
DTLS Connection Retries
The number of times the client attempts connecting to the DTLS server before giving up. Valid entry: 1 - 10. Default entry: 5.
Cookie Exchange
Enables a Denial of Service (DoS) attack countermeasure initiated by the server. When the server receives a ClientHello, it responds with a HelloVerifyRequest message containing a generated cookie. The client must retransmit the ClientHello with the received cookie added. Valid options: Enabled (enables DoS countermeasure) or Disabled (disables DoS countermeasure). Default value: Disabled.
...
Specifies the comma-separated crypto suite IDs (in order of preference) to negotiate the crypto used for encryption and decryption of media. Available options:
How to Use:
- Up. Moves the selected entry up in priority.
- Down. Moves the selected entry down in priority.
- Add/Edit. Adds/edits entries.
- Remove. Removes the selected entry from the list.
Master Key Lifetime
Specifies whether the Master Key has an expiration. Valid options: Set (sets an expiration value for the Master Key) or Never Expires (the Master Key will never expire).
Lifetime Value
Specifies the lifetime value of the Master Key, measured in the number of SRTP packets expressed as a power of 2 (e.g. 2^n SRTP packets). This field is available only when Master Key Lifetime is configured as Set.
Derivation Rate
Specifies the rate at which the session key is refreshed during the SRTP session; this rate is measured in the number of SRTP packets expressed as a power of 2 (i
Key Identifier Length
Specifies the length of the Master Key Identifier, in bytes, sent in the SRTP packet. The Master Key Identifier (MKI) identifies the master key from which the session key(s) were derived that authenticate and/or encrypt the particular packet. If the MKI indicator is set to one (key identifier length > 0), the length (in octets) of the MKI field and (for the sender) the actual value of the currently active MKI (the value of the MKI indicator and length) MUST be kept fixed for the lifetime of the context.