EasyManua.ls Logo

AudioCodes Mediant 800 - Page 169

AudioCodes Mediant 800
1482 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
CHAPTER14 Security
Mediant 800 Gateway & E-SBC | User's Manual
Parameter Description
[1] DTLSv1.0
[2] DTLSv1.2
For more information on WebRTC, see WebRTC.
Note: The parameter is applicable only to the SBC
application.
'Cipher Server'
ciphers-server
[TLSContexts_
ServerCipherString]
Defines the supported cipher suite for the TLS server (in
OpenSSL cipher list format).
For possible values and additional details, visit the OpenSSL
website at
https://www.openssl.org/docs/man1.0.2/apps/ciphers.html.
The default is "DEFAULT". This default value is the
OpenSSL keyword for their recommended default cipher list,
which is determined at compile time and is normally
ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2.
'Cipher Client'
ciphers-client
[TLSContexts_
ClientCipherString]
Defines the supported cipher suite for TLS clients.
For possible values and additional details, visit the OpenSSL
website at
https://www.openssl.org/docs/man1.0.2/apps/ciphers.html.
The default is "DEFAULT". This default value is the
OpenSSL keyword for their recommended default cipher list,
which is determined at compile time and is normally
ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2.
'Strict Certificate Extension
Validation'
require-strict-cert
[TLSContexts_
RequireStrictCert]
Enables the validation of the extensions (keyUsage and
extentedKeyUsage) of peer certificates. The validation
ensures that the signing CA is authorized to sign certificates
and that the end-entity certificate is authorized to negotiate a
secure TLS connection.
[0] Disable (default)
[1] Enable
'DH Key Size'
dh-key-size
[TLSContexts_DHKeySize]
Defines the Diffie-Hellman (DH) key size (in bits). DH is an
algorithm used chiefly for exchanging cryptography keys
used in symmetric encryption algorithms such as AES.
[1024] 1024 (default)
[2048] 2048
OCSP
'OCSP Server'
ocsp-server
[TLSContexts_OcspEnable]
Enables or disables certificate checking using OCSP.
[0] Disable (default)
[1] Enable
'Primary OCSP Server'
ocsp-server-primary
[TLSContexts_
OcspServerPrimary]
Defines the IP address (in dotted-decimal notation) of the
primary OCSP server.
The default is 0.0.0.0.
- 129 -

Table of Contents

Other manuals for AudioCodes Mediant 800

Preview: Reference Guide
Reference Guide195 pages
Preview: Installation Manual
Installation Manual64 pages
Preview: Configuration Guide
Configuration Guide81 pages
Preview: Quick Setup Guide
Quick Setup Guide10 pages
Preview: Hardware Installation Manual
Hardware Installation Manual64 pages

Related product manuals