Panel | ||||
---|---|---|---|---|
In this section:
|
Info | ||
---|---|---|
| ||
Related articles: |
Multiexcerpt include | ||||
---|---|---|---|---|
|
Use the TLS Profile to
...
Spacevars | ||
---|---|---|
|
...
configure a profile for implementing the
...
TLS
...
protocol for
...
SIP over TLS. The TLS
...
profile is associated with a SIP Signling Port.
Info | ||
---|---|---|
| ||
The settings within the default TLS Profile |
...
may be modified. Also, the supported transport protocols must be set to allow SIP over TLS. |
...
Include Page | ||||
---|---|---|---|---|
|
Code Block | ||
---|---|---|
| ||
% set profiles security tlsProfile <profile name> acceptableCertValidationErrors <invalidPurpose | none> allowedRoles <clientandserver | server> appAuthTimer <1-60 seconds> authClient <false | true> cipherSuite1 <cipher suite> cipherSuite2 <cipher suite> cipherSuite3 <cipher suite> clientCertName <name> handshakeTimer <1-60 seconds> ocspProfileName <name> peerNameVerify <disabled | enabled> serverCertName <name> sessionResumpTimer <0-86400 seconds> suppressEmptyFragments <disabled | enabled> v1_0 <disabled | enabled> v1_1 <disabled | enabled> v1_2 <disabled | enabled> |
The TLS Profile Parameters are as shown below:
Caption | ||||
---|---|---|---|---|
| ||||
|
...
|
...
|
...
|
...
|
...
|
Include Page | ||||
---|---|---|---|---|
|
Anchor | ||||
---|---|---|---|---|
|
...
Multiexcerpt-include |
---|
...
|
...
|
...
...
Code Block | ||
---|---|---|
|
...
show profiles security tlsProfile defaultTlsProfile
appAuthTimer 5;
handshakeTimer 5;
sessionResumpTimer 3600;
cipherSuite1 rsa-with-aes-128-cbc-sha;
allowedRoles clientandserver;
v1_0 enabled;
v1_1 enabled;
v1_2 enabled;
|
...
set profiles security tlsProfile defaultTlsProfile ocspProfileName myOcspProfile commit |
...
show profiles security tlsProfile defaultTlsProfile
appAuthTimer 5;
handshakeTimer 5;
sessionResumpTimer 3600;
cipherSuite1 rsa-with-aes-128-cbc-sha;
allowedRoles clientandserver;
ocspProfileName myOcspProfile;
v1_0 enabled;
v1_1 enabled;
v1_2 enabled; |
Code Block | ||
---|---|---|
|
...
set profiles security tlsProfile TLS-1 v1_2 enabled
|
...
set profiles security tlsProfile TLS-1 cipherSuite1 tls_ecdh_ecdsa_with_aes_256_gcm_sha384
|
...
commit
|
...
show profiles security tlsProfile TLS-1
cipherSuite1 tls_ecdh_ecdsa_with_aes_256_gcm_sha384;
v1_2 enabled; |
Pagebreak |
---|