MyPBX Standard V6/V7 Administrator's Guide
www.yeastar.com Page 192
Set this parameter as ―No‖, then common name must be the same with IP or
domain name.
·TLS Client Method
When using MyPBX as a TLS client, specify the protocol for outbound TLS
connections. You can select it as tlsv1, sslv2 or sslv3.
Figure J-2
Note:
1. For security reason, we recommend enabling ―TLS Verify Client‖ and
disabling ―TLS Ignore Common Name‖, in which case, MyPBX will verify IP
phone‘s Certificate, the common name inside CA should be the same as its IP
or domain name.
2. TLS Client Method: it‘s the TLS method of IP phone; you can contact the
manufacturer of the IP phone to get that.
3. You need to reboot MyPBX to take effect after enabling TLS.
2. Prepare the whole certificates for TLS
Here are the certificates of MyPBX and IP phones for TLS registry as the screen
shot above:
MyPBX‘s CA: CA.crt.
MyPBX‘s server certificate: asterisk.pem.
IP phone‘s CA: CA.crt or CA.csr.
IP phone‘s server certificate: client.pem.
The certificate is generated via the toolkit OpenSSL, you can compile the source
package from http://www.openssl.org/, or download the tool used here,
download link:
www.yeastar.com/download/tools/TLS_CA_Tool.rar
To Next Page
Loading...
Need help?
General
