About this Resource

Modified: for 8.0.0

Defines a DTLS-SRTP Profile used by the Media List Profile Table.

REST API Methods for this Resource

Resource Schema

Configuration

Parameter Name Required Service Affecting Data Type Default Value Possible Values Description
DescriptionNoNostringnone64 - Max Length Description of the profile
MutualAuthYesNoEnum1Possible values:
  • 0 - btFalse
  • 1 - btTrue
 Specifies if the DTLS server authenticate the DTLS client.
DTLSVersionYesYesstring1.0,1.232 - Max Length Defines DTLS Protocol Version. By default system would accept all TLS protocol versions up to 1.2. SBC Client would initiate highest supported version, which is DTLS 1.2.
VerifyPeerYesNoEnum1Possible values:
  • 0 - btFalse
  • 1 - btTrue
 Allows the disabling of the validation of the fingerprint against the recieved certificate/ Enabled and hidden when Mutual Authentication is Enabled.
ClientCipherSequenceYesNostring6,5,4,3,1,032 - Max Length Set of cipher suite(s) as comma seperated string in order of preference as security parameter negotiation with the remote system. Enumeration List:
  • 0 AES128-SHA
  • 1 AES256-SHA
  • 3 AES128-SHA256
  • 4 AES256-SHA256
  • 5 ECDHE-RSA-AES128-SHA256
  • 6 ECDHE-RSA-AES256-SHA384
HashTypeYesNoEnum1Possible values:
  • 0 - DTLS_MEDIA_CRYPTO_HASH_UNKNOWN
  • 1 - DTLS_MEDIA_CRYPTO_HASH_SHA1
  • 2 - DTLS_MEDIA_CRYPTO_HASH_SHA224
  • 3 - DTLS_MEDIA_CRYPTO_HASH_SHA256
  • 4 - DTLS_MEDIA_CRYPTO_HASH_SHA384
  • 5 - DTLS_MEDIA_CRYPTO_HASH_SHA512
  • 6 - DTLS_MEDIA_CRYPTO_HASH_MD5
 Specifies the hash type used to generate the fingerprint of the X.509 certificate included in the SIP offer message.
RoleYesNoEnum0Possible values:
  • 0 - drUnknown
  • 1 - drActive
  • 2 - drPassive
  • 3 - drActPass
 Specifics the DTLS role of the SBC when it is the answerer. Enumeration List:
  • 1 drActive
  • 2 drPassive
HandshakeTimerYesNoint10Possible values:
  • 5 - Minimum
  • 60 - Maximum
 Specifies the time in seconds to wait for the handshake to complete.
CookieExchangeYesNoEnum0Possible values:
  • 0 - btFalse
  • 1 - btTrue
 Specifies if the DoS countermeasure is initiated by the server. When the server receives a ClientHello it responds with a HelloVerifyRequest message with a generated cookie. The client must retransmit the ClientHello with the recieved cookie added. Applies when the SBC is the DTLS server side only.
CryptoSuiteSequenceYesNostring2,132 - Max Length Specifies the comma separated crypto suite IDs in order of preference to negotiate for media encryption. Enumeration List:
  • 1 AES_CM_HMAC_SHA1_32
  • 2 AES_CM_HMAC_SHA1_80
MasterKeyIdentifierLengthNoNoint0Possible values:
  • 0 - Minimum
  • 4 - Maximum
The number of bytes that should be used for communicating the Master Key Identifier in the SRTP packets.