P-Certificate-Subject-Common-Name to REGISTER Messages

Most Enterprises use revocation servers to authenticate certificates when user equipment registers with the Oracle® Enterprise Session Border Controller. For high security enterprises, such as government organizations, user equipment, such as a cell phone, may have a certificate installed. If the user equipment is stolen, for example, the thief could use the equipment to register with theOracle® Enterprise Session Border Controller and logon to the system before the certificate is revoked from the server.

The Oracle® Enterprise Session Border Controller allows you to enable or disable the addition of a User certificate in the incoming REGISTER message header. This provides an additional layer of security when the user equipment registers with the Oracle® Enterprise Session Border Controller. When the feature is enabled, the individual user certificate must match the user’s identity during Registration.

You can enable or disable this feature using the “verify-certificate-info-register” parameter under the existing enforcement-profile object in session-router. in the ACLI. When enabled, and a REGISTER message is encountered, the Oracle® Enterprise Session Border Controller adds the User certificate information to the message header. The header is then used in validating the Request-URI Based on certificate information.