1. Maintenance and Troubleshooting Guide
  2. Performance Management
  3. Viewing TLS Information

Viewing TLS Information

You can use the commands described in this section to obtain information about TLS and its associated Acme Packet SSM hardware module.

Clearing the Entire TLS Session Cache

To clear the entire TLS session cache:

  1. Enter the ACLI clear-cache tls command.
    ORACLE# clear-cache tls

Viewing TLS Session Cache State and Statistics

To see whether TLS session caching is enabled on your system and how many entries there are in the cache:

  1. Enter the ACLI show security tls session-cache command.
    ORACLE# show security tls session-cache
TLS Session Caching enabled.
Current TLS Session Cache Entries: 3
ORACLE#

Viewing Certificates in PEM Form

The ACLI show certificates command has been enhanced to provide a pem argument that you can use to retrieve the Privacy Enhanced Mail Security Certificate (PEM) portion of the certificate after it the Oracle Communications Session Border Controller has imported it.

You enter this command with the name of the certificate you want to see in PEM form.

To see a certificate in PEM form:

  1. Enter the command show security certificates pem followed by a Space, the name of the certificate, and then press Enter.
    ORACLE# show security certificates pem client1a
certificate-record:client1a
-----BEGIN PKCS7-----
MIIDRwYJKoZIhvcNAQcCoIIDODCCAzQCAQExADADBgEAoIIDJDCCAyAwggKJoAMC
AQICCAITAlAAhACeMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UEChMFc2lw
aXQxKTAnBgNVBAsTIFNpcGl0IFRlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X
DTA2MDgxMDE1NDQ0OVoXDTA5MDgwOTE1NDQ0OVowVzELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAk1BMRMwEQYDVQQHEwpCdXJsaW5ndG9uMRQwEgYDVQQKEwtFbmdpbmVl
cmluZzEQMA4GA1UEAxMHcnlhbmVuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEAshgHLBsuBe6HhyxDsv+6hB53a7rTWRNju10QkOhitAEhVswgyj3wCHnd5o62
LVAi3esKJfnRJI/gleHZ7uhVlL3juMhDTcF/XT+Dzb+ZBMmgJQzrkokseRgL2aLl
FBbnnG3DoUugyk/Jp3J6CBz+ZGUf85WQri1JuDREJ9fVCM0CAwEAAaOB2zCB2DAP
BgNVHREECDAGggRyeWFuMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAphhPV97obtLICT
9mn1yOVU2yduMIGaBgNVHSMEgZIwgY+AFGtGFxTqlHYlgFRuE1TaoeNUFKG2oXSk
cjBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMI
U2FuIEpvc2UxDjAMBgNVBAoTBXNpcGl0MSkwJwYDVQQLEyBTaXBpdCBUZXN0IENl
cnRpZmljYXRlIEF1dGhvcml0eYIBADANBgkqhkiG9w0BAQUFAAOBgQAzSuW+sYI2
I/K/8Fo8Pj6T8qDWh3qcEoqJkPylFXHSWCdQPdKr0iiYAgnV3wE8dhRRZWWRb30T
yIQzfc2YTJStJ/XveX/Hwt4X1yRwcBL32Rr4XjiDpeUWWRfwwqAH5RfjS4X/kHw4
agrTDzKbE03+kSr2dPb42ko+TaiSDoLI8jEA
-----END PKCS7-----
ORACLE#

Viewing SSM Status

For TLS support, you must have an Oracle SSM hardware module installed in the system chassis. Without this module, TLS functions will not work.

The Oracle Communications Session Border Controller tells you whether or not the SSM installed on boot-up, but now you can check the module’s status from the command line.

To view the status of the SSM installed in your Oracle Communications Session Border Controller chassis:

  1. Enter the command show security ssm-accelerator, and press Enter. The system will tell you if an SSM is installed. 
    ORACLE# show security ssm-accelerator
SSM (Security Service Module) present.
ORACLE#