Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. In the WebUI, click the Settings tab.
  2. In the left navigation pane, go to Security > SBC Certificates > Sonus Certificate.

    Panel
    borderStylenone

    Caption
    0Figure
    1Sonus SBC Certificate

    Image Modified

Key Usage Field Descriptions

...

To import an X.509 signed certificate:

 

Panel
borderStylenone

Caption
0Figure
1Import X.509 Signed Certificate

Image Modified

 

  1. Select X.509 Signed Certificate from the Import menu at the top of the page.
  2. Chose the import mode(Copy and Paste or File Upload) from the Mode pull-down menu.

    Panel
    borderStylenone

    Caption
    0Figure
    1Import Mode

    Image Modified

  3. If you chose File Upload:
    1. Use the Browse button to find the file
    2. Click OK.
  4. If you choose Copy and Paste:
    1. Open the file in a text editor.
    2. Paste the contents into the Paste Base64 Certificate text field.
  5. Click OK.

To import a PKCS12 Certificate and Key:

 

Panel
borderStylenone

Caption
0Figure
1Import PKCS12 Certificate and Key

Image Modified

 

 

  1. Select PKCS12 Certificate and Key from the Importmenu at the top of the page.

    Panel
    borderStylenone

    Caption
    0Figure
    1Import PKCS12 Server Certificate

    Image Modified 

  2. Enter the password used to export the certificate in the Password field.
  3. Browse for the PKCS certificate and key file.

    Info
    iconfalse

    You must use the same password as was used when exporting the certificate and key.

  4. Click OK

...

  1. In the Issuer panel, ensure the Common Name field has changed from Self-Signed to the issuer's Common Name.
  2. In the Certificate panel,
    1. Ensure that the Enhanced Key Usage field indicates TLS Web Server Authentication.
    2. Ensure that the Verify Status field indicates OK.
      If the Verify Status field does not indicate OK, repeat the steps aboveto obtain a valid certificate.

      Info
      iconfalse

      According to RFC3280, the Netscape CertType field is obsolete and has been replaced by the X509v3 Key Usage field.
      Most modern browsers require the Enhanced Key Usage field for certificate acceptance based on use purpose.

      Panel
      borderStylenone

      Caption
      0Figure
      1Verify Signed Server Certificate

      Image Modified 

Info
iconfalse
  • Server (Sonus SBC 1000/2000) certificates with a 4096 RSA Key are not supported due to the amount of time required to generate a key and process calls.
  • Trusted Root CA certificates with a 4096 RSA Key are supported, but have not been thoroughly tested.