 Use the DTLS Profile to configure various DTLS parameters to attach to a SIP trunk group in support of WebRTC functionality.


Command Syntax

% set profiles security dtlsProfile <profile name> 
	CertName <cert name>
	cipherSuite1 <cipher suite> 
	cipherSuite2 <cipher suite> 
	cipherSuite3 <cipher suite>
	cookieExchange <disabled | enabled>
	dtlsRole <client | server>
	handshakeTimer <1-60 seconds> 
	hashType <md2 | md5 | sha1 | sha224 | sha256 | sha384 | sha512>
	sessionResumpTimer <0-86400>
	v1_0 <disabled | enabled>
	v1_1 <disabled | enabled>
	v1_2 <disabled | enabled>


Command Parameters

The DTLS Profile Parameters are as shown below:

Table 1: DTLS Profile Parameters

Parameter

Length/Range

Description

dtlsProfile

1-23

<profile name> – Name of DTLS profile.

CertName

1-23

<cert name> – Name of the certificate used by this DTLS profile (default = defaultDtlsSBCCert).

cipherSuite1

N/A

Use this parameter to specify the first TLS Cipher Suite choice for this profile (default = rsa-with-aes-128-cbc-sha).

See the table Supported DTLS Crypto Suites below for the list of cipher suites.

cipherSuite2

N/A

Use this optional parameter to specify the second TLS Cipher Suite choice for this profile (default = nosuite).

See the table Supported DTLS Crypto Suites below for the list of cipher suites.


cipherSuite3

N/A

Use this optional parameter to specify the third TLS Cipher Suite choice for this profile (default = nosuite).

See the table Supported DTLS Crypto Suites below for the list of cipher suites.

cookieExchange

N/A

Use this flag to enable the Cookie Exchange mechanism.

  • disabled
  • enabled (default)

dtlsRole

N/A

Specify the DTLS role to use for this DTLS profile.

  • client
  • server (default)

handshakeTimer

1-60

The time (in seconds) in which the DTLS handshake must be completed. The timer starts when the TCP connection is established. (default = 5)

hashType

N/A

The allowed DTLS hash function for the specified DTLS profile (default = sha1).

md2 | md5 | sha1 | sha224 | sha256 | sha384 | sha512

sessionResumpTimer

0-86400

The period (in seconds) for which cached DTLS sessions are retained for resumption. The DTLS protocol allows successive connections to be created within one DTLS session, and a session to be resumed after a DTLS connection is closed or after a server card failover, without repeating the entire authentication and other setup steps for each connection, except when the space must be reclaimed for a new session. (default = 300)

v1_0

N/A

DTLS protocol version 1.0 (see note below)

  • disabled
  • enabled (default)

v1_1

N/A

DTLS protocol version 1.1 (see note below)

  • disabled (default)
  • enabled

v1_2

N/A

DTLS protocol version 1.2 (see note below)

  • disabled (default)
  • enabled


Supported DTLS Crypto Suites

The following crypto suites are supported.


Command Examples

% show profiles security dtlsProfile defaultDtlsProfile
handshakeTimer     5;
sessionResumpTimer 300;
cipherSuite1       rsa-with-aes-128-cbc-sha;
dtlsRole           server;
hashType           sha1;
CertName           defaultDtlsSBCCert;
cookieExchange     enabled;
v1_0               enabled;
v1_1               disabled;
v1_2               disabled; 
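
The default profile shown above can be checked mechanically before it is attached to a trunk group. The following is an added example, not part of the product or its documentation: it parses the show output format from the command example and reports settings worth reviewing. The function names and the review policy (which hash types and suites are flagged) are assumptions of this example, and parameters missing from the output are assumed to be at the defaults listed in the parameter table.

```python
import re

# Defaults as listed in the parameter table above; applied to keys the output omits.
DEFAULTS = {"cipherSuite1": "rsa-with-aes-128-cbc-sha", "cipherSuite2": "nosuite",
            "cipherSuite3": "nosuite", "cookieExchange": "enabled", "hashType": "sha1",
            "v1_0": "enabled", "v1_1": "disabled", "v1_2": "disabled"}
WEAK_HASHES = {"md2", "md5", "sha1"}  # assumed review policy, not vendor guidance

def parse_profile(show_output):
    """Parse 'name   value;' lines; the '% show ...' prompt line has no ';' and is skipped."""
    settings = dict(DEFAULTS)
    for line in show_output.splitlines():
        m = re.match(r"^\s*(\w+)\s+(\S+?)\s*;\s*$", line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def audit_profile(settings):
    """Return (parameter, finding) pairs for settings that deserve review."""
    findings = []
    if settings["hashType"] in WEAK_HASHES:
        findings.append(("hashType", settings["hashType"] + " is a weak hash; use sha256 or stronger"))
    if settings["cookieExchange"] == "disabled":
        findings.append(("cookieExchange", "no stateless cookie check on the first ClientHello"))
    if settings["v1_2"] != "enabled":
        findings.append(("v1_2", "DTLS 1.2 is not enabled"))
    if settings["v1_0"] == "enabled":
        findings.append(("v1_0", "DTLS 1.0 is enabled (deprecated by RFC 8996)"))
    for key in ("cipherSuite1", "cipherSuite2", "cipherSuite3"):
        if settings[key].endswith("-cbc-sha"):
            findings.append((key, settings[key] + " uses CBC with HMAC-SHA1"))
    return findings

# Constructed sample: the defaultDtlsProfile output from the command example above.
SAMPLE = """% show profiles security dtlsProfile defaultDtlsProfile
handshakeTimer     5;
sessionResumpTimer 300;
cipherSuite1       rsa-with-aes-128-cbc-sha;
dtlsRole           server;
hashType           sha1;
CertName           defaultDtlsSBCCert;
cookieExchange     enabled;
v1_0               enabled;
v1_1               disabled;
v1_2               disabled;
"""

if __name__ == "__main__":
    for param, finding in audit_profile(parse_profile(SAMPLE)):
        print("%-15s %s" % (param, finding))
```

Run against the default profile, the script flags hashType, v1_2, v1_0 and cipherSuite1; cookieExchange passes because it is enabled by default.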
