| CSS Stylesheet |
|---|
img.confluence-embedded-image { display: inline-block !important; } |
| Add_docset_workflow |
|---|
| AUTH1 | cclemetsonUserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'} |
|---|
| DEV1 | plessisaUserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cc5207f0, userName='null'} |
|---|
| LDEV1 | cclemetsonUserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'} |
|---|
| SVT1 | pdeepakUserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cef30cd0, userName='null'} |
|---|
| LSVT1 | cclemetsonUserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'} |
|---|
| AUTHJID | SYM-20206 |
|---|
|
To create or modify a TLS Profile:
...
| Panel |
|---|
| bgColor | #FAFAFA |
|---|
| borderStyle | none |
|---|
|
Specifies the TLS Protocol. Valid entries: TLS 1.0 Only, TLS 1.2 Only, or TLS 1.0 - 1.2. Once the TLS is option is selected, the Client Cipher List is automatically updated to display only the ciphers supported for the selected TLS version. | Note |
|---|
The TLS version you choose for the SBC TLS Profile must match the TLS version configured in the SBA security for the associated SIP Server. | For TLS Profile in SBC... | Select the TLS below in SBA Security Template |
|---|
| TLS 1.0 Only | TLS 1.0-1.2 | TLS 1.2 Only
| TLS 1.2 only or TLS 1.0-1.2 | | TLS 1.0 - 1.2 | TLS 1.0-1.2 |
|
|
Mutual Authentication
| Panel |
|---|
| bgColor | #FAFAFA |
|---|
| borderStyle | none |
|---|
|
Enables the Mutual authentication request and verifications of the SIP peer client certificate. | Note |
|---|
This setting is part of the standard level of Mutual TLS security. Mutual Authentication includes a check on the certificate dates for certificate validity and whether the certificate is signed by a local trusted root CA. |
|
...
| Panel |
|---|
| bgColor | #FAFAFA |
|---|
| borderStyle | none |
|---|
|
Specifies whether or not to verify the identity of a peer server. Available when Mutual Authentication is disabled. | Note |
|---|
This setting is part of the standard level of Mutual TLS security. Verify Peer Server Certificate implies that Mutual Authentication is enabled first. Verify Peer Server Certificate includes a check on the certificate dates for certificate validity and whether the certificate is signed by a local trusted root CA. |
|
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Verify Peer Server Certificate |
|---|
|
|
...
| Panel |
|---|
| bgColor | #FAFAFA |
|---|
| borderStyle | none |
|---|
|
Specifies the reverse DNS lookup of a peer's FQDN. Used to verify the identity of the SIP peer client certificate. This action takes place when both, Mutual Authentication and Validate Client FQDN are enabled. If Mutual Authentication is disabled, the Validate Client FQDN is also disabled. Validate Client FQDN is an enhanced security feature of , which could be disabled if the common name in the certificate is an IP address (some ITSP's do that). When the Validate Client FQDN is enabled, this option allows to perform an FQDN match of an incoming peer certificate common name (CN) or Subject Alternate Name (SAN) against a reverse DNS lookup of the IP address to an FQDN.| Note |
|---|
| does not validate IP addresses to identify a peer server, but only Fully Qualified Domain Names (FQDN). |
|