Certificate

 

The Certificate Entry or Trust ID, contains the filenames associated with a particular certificate when configuring TLS Security. The certificate entry provides the necessary information so that two parties, or peers, can negotiate a secure TLS session. The certificate entry consists of three files. They are the Private Key, the Public Key Certificate, and the trusted CA list. Once a Certificate Entry is created, it is selectable in a drop down list in the Secure Profile object.

The certificate files need to be loaded to the directory that the IMG 2020's system software binary file is being loaded from. If the IMG 2020's system software binary file is being downloaded to the IMG 2020 from the SD Card, then the certificate files need to be loaded onto the SD Card. If the IMG 2020 binary is being downloaded from a server using the DHCPD service then the three certificate files need to be loaded into the directory that the binary file is loaded. The files must be present in the directory above otherwise TLS calls will fail.

Web GUI Page

Dialogic > Certificate Database > New Certificate

 

Maximum Objects

Maximum of 16 Certificates or Trust-ID's per Certificate Database  

Related Topics and Dependencies

For configuration information and dependencies refer to links below.

Certificate Database

Secure Profiles

Secure Profile

SIP Signaling over TLS Overview

IMG 1010 - TLS - Configuration

Field Descriptions

ID

The ID field is automatically populated with the next available ID. To modify, select a new ID from the drop down menu in the ID field. ID's range from 0 to 15.

Name

The Trust ID name or AUS (Application Unique String) is used to compare the remote certificate. By default, this is pre-populated with Certificate_<x> where x is a numerical value. To modify, highlight the existing selection and enter a different Name.

Password

Password to decrypt the private key. The password is encrypted by the host when configured.

Private Key Filename

File containing the encrypted RSA private key. The file contains a key in PEM (Privacy Enhanced Mail) format. In the Private Key Filename field, enter the filename of the Private Key that was loaded into the directory the system software was loaded from.

Certificate Filename

File containing the public certificate in PEM format. In the Certificate Filename field, enter the filename of the certificate that was loaded into the directory the system software was loaded from.

Trusted CA List Filename

File containing the certificate chain representing the trusted CA's. The file contains certificates in PEM format. The complete certificate chain must be included that is the root CA certificate, and any intermediate CA and server certificates. In the Trusted CA List Filename field, enter the filename of the CA List Filename that was loaded into the directory the system software was loaded from.  

Return to Documentation Home I Return to Sangoma Support