Configuring a TLS Profile

To configure a TLS profile:

  1. In Superuser mode, type configure terminal and press Enter. 
    ACMEPACKET# configure terminal
  2. Type security and press Enter to access the security-related objects. 
    ACMEPACKET(configure)# security
  3. Type tls-profile and press Enter to access the TLS profile-related parameters. 
    ACMEPACKET(security)# tls-profile
ACMEPACKET(tls-profile)#

    name—Enter the name of the TLS profile. This parameter is required; you cannot leave it empty. 

    ACMEPACKET(tls-profile)# name tls-prof1

    end-entity-certificate—Enter the name of the entity certification record. 

    ACMEPACKET(tls-profile)# end-entity-certificate cert1

    trusted-ca-certificates—Enter the names of the trusted CA certificate records. 

    ACMEPACKET(tls-profile)# trusted-ca-certificates cert1

    Note:

    To create and import certificate records to be used on the Web Server, see Configuring Certificates.

    cipher-list—Not supported for SIP Monitor and Trace. The Session Director ignores any value you enter for this parameter.

    • AES256-SHA (TLS_RSA_WITH_AES_256_CBC_SHA) - Firefox (version 12) and Chrome (version 19.0.1084.46m) only

    • AES128-SHA (TLS_RSA_WITH_AES_128_CBC_SHA) - Firefox (version 12) and Chrome (version 19.0.1084.46m) only

    • DES-CBC-SHA (SSL_RSA_WITH_DES_CBC_SHA or TLS_RSA_WITH_DES_CBC_SHA) - Internet Explorer (Version 9) only

    verify-depth—Not supported for SIP Monitor and Trace

    mutual-authenticate—Not supported for SIP Monitor and Trace

    tls-version—Enter the TLS version you want to use with this TLS profile. Default is compatibility. Valid values are:

    • TLSv1

    • SSLv3

    • compatibility (default) 

    ACMEPACKET(tls-profile)# tls-version TLSv1

    cert-status-check—Not supported for SIP Monitor and Trace

    cert-status-profile-list—Not supported for SIP Monitor and Trace

    ignore-dead-responder—Not supported for SIP Monitor and Trace

    allow-self-signed-cert—Not supported for SIP Monitor and Trace

  4. Enter done to save the tls-profile configuration. 
    ACMEPACKET(tls-profile)# done
  5. Enter exit to exit the TLS profile configuration. 
    ACMEPACKET(tls-profile)# exit
  6. Enter exit to exit the security configuration. 
    ACMEPACKET(security)# exit
ACMEPACKET(configure)#
  7. Enter exit to exit the configure mode. 
    ACMEPACKET(configure)# exit
  8. Enter save-config to save the configuration. 
    ACMEPACKET# save-config
  9. Enter activate-config to activate as the current configuration. 
    ACMEPACKET# activate-config
Previous
Previous 		Next
Next
Go To Table Of Contents
Contents