AudioCodes Mediant 600 - TLS Parameters; A.4.4 TLS Parameters

To Next Page

To Previous Page

Version 6.4 573 March 2012

SIP User's Manual A. Configuration Parameters Reference

Parameter Description

[RTCPEncryptionDisableT



[1] Disable

A.4.4 TLS Parameters

The Transport Layer Security (TLS) parameters are described in the table below.

Table A-22: TLS Parameters

Parameter Description

Web/EMS: TLS Version

[TLSVersion]

Determines the supported versions of SSL/TLS (Secure Socket

Layer/Transport Layer Security.

 [0] SSL 2.0-3.0 and TLS 1.0 = SSL 2.0, SSL 3.0, and TLS

1.0 are supported (default).

 [1] TLS 1.0 Only = only TLS 1.0 is used.

When set to 0, SSL/TLS handshakes always start with SSL 2.0

and switch to TLS 1.0 if both peers support it. When set to 1,

TLS 1.0 is the only version supported; clients attempting to

contact the device using SSL 2.0 are rejected.

Note: For this parameter to take effect, a device reset is

required.

Web: TLS Client Re-Handshake

Interval

EMS: TLS Re Handshake Interval

[TLSReHandshakeInterval]

Defines the time interval (in minutes) between TLS Re-

Handshakes initiated by the device.

The interval range is 0 to 1,500 minutes. The default is 0 (i.e.,

no TLS Re-Handshake).

Web: TLS Mutual Authentication

EMS: SIPS Require Client

Certificate

[SIPSRequireClientCertificate]

Determines the device's behavior when acting as a server for

TLS connections.

 [0] Disable = The device does not request the client

certificate (default).

 [1] Enable = The device requires receipt and verification of

the client certificate to establish the TLS connection.

Notes:

 For this parameter to take effect, a device reset is required.

 The SIPS certificate files can be changed using the

parameters HTTPSCertFileName and

HTTPSRootFileName.

Web/EMS: Peer Host Name

Verification Mode

[PeerHostNameVerificationMode]

Determines whether the device verifies the Subject Name of a

remote certificate when establishing TLS connections.

 [0] Disable = Disable (default).

 [1] Server Only = Verify Subject Name only when acting as

a server for the TLS connection.

 [2] Server & Client = Verify Subject Name when acting as a

server or client for the TLS connection.

When a remote certificate is received and this parameter is not

disabled, the value of SubjectAltName is compared with the list

of available Proxies. If a match is found for any of the

configured Proxies, the TLS connection is established.

The comparison is performed if the SubjectAltName is either a

DNS name (DNSName) or an IP address. If no match is found

AudioCodes Mediant 600 - TLS Parameters; A.4.4 TLS Parameters

Table of Contents

Other manuals for AudioCodes Mediant 600

Related product manuals