CHAPTER16 Services
Mediant 1000 Gateway & E-SBC | User's Manual
Parameter Description
[OVOCService_
EMSScheme]
â– [1] HTTPS
Note:
â– If configured to HTTPS, you must assign a TLS Context
(see the 'OVOC Interface TLS Context' parameter, below).
â– The NGINX directive for this parameter is "proxy_pass
scheme://upstream".
'OVOC Interface TLS
Context'
ovoc-interface-tls-
context
[OVOCService_
EMSInterfaceTLSContext]
Assigns a TLS Context (TLS certificate) for the OVOC listening
interface. This is required if you have configured the 'OVOC
Scheme' parameter to HTTPS (see above). To configure TLS
Contexts, see Configuring TLS Certificate Contexts on
page123.
Note: The NGINX directive for this parameter is "proxy_ssl_
certificate", "proxy_ssl_certificate_key", "proxy_ssl_ciphers",
and "proxy_ssl_protocols".
'OVOC Interface Verify
Certificate'
ovoc-verify-cer
[OVOCService_
EMSInterfaceVerifyCert]
Enables the verification of the TLS certificate that is used in the
incoming connection request from OVOC.
â– [0] No = (Default) No certificate verification is done.
â– [1] Yes = The device verifies the authentication of the
certificate received from OVOC. The device authenticates
the certificate against the trusted root certificate store
associated with the assigned TLS Context (see 'OVOC
Interface TLS Context' parameter above) and if ok, allows
communication with OVOC. If authentication fails, the
device denies communication (i.e., handshake fails). The
device can also authenticate the certificate by querying with
an Online Certificate Status Protocol (OCSP) server
whether the certificate has been revoked. This is also
configured for the associated TLS Context.
Note: The NGINX directive for this parameter is "proxy_ssl_
verify".
'OVOC Primary Server'
primary-server
[OVOCService_
PrimaryServer]
Defines the address of the primary OVOC server.
Note:
â– This parameter is mandatory.
â– When you configure this parameter, an Upstream Group is
automatically added (see Configuring Upstream Groups on
page268).
■The NGINX directive for this parameter is "upstream ems {
addr1, addr2 backup }" and "proxy_pass scheme://ems".
'OVOC Backup Server'
secondary-server
[OVOCService_
SecondaryServer]
Defines the address of the secondary OVOC server.
Note:
â– When you configure this parameter, an Upstream Group is
automatically added.
■The NGINX directive for this parameter is "upstream ems {
addr1, addr2 backup }" and "proxy_pass scheme://ems".
- 277 -
To Next Page
Loading...
Need help?
General
