11.3.1 Local Node Configuration

Perform the following procedure to enable DESS (Diameter End-to-End Security) on the local node:

Note:

The DESS feature is disabled by default.

1. Log in to the active SOAM (Service Operations, Administration, and Maintenance) GUI.
2. From the Main Menu, navigate to Diameter, Configuration, Local Node, and then click Insert.
3. Select the Enable DESS Feature check box.
4. Upload the CA CERT.
5. Upload the Private Key.
6. Upload the Public Certificate.

   Note:

   Certificates must be in .pem format.
7. Select a DESS algorithm from the dropdown menu:
   1. RSA_SHA_256
   2. EC_DSA_SHA_256
   3. DSA_SHA_256
8. Click Apply.

   Note:

   Upon applying, the GUI verifies the certificates and displays an error if the public certificate is not issued by the CA certificate or if the public and private certificate do not match.
   .

   Figure 11-4 Local Node GUI Configuration