tls-global
The tls-global configuration element allows you to configure global TLS parameters.
Parameters
- session-caching
- Enable or disable the SBC’s session caching capability
- Default: disabled
- Values: enabled | disabled
- session-cache-timeout
- Enter the session cache timeout in hours
- Default: 12
- Values: Min: 0 (disabled) / Max: 24
- diffie-hellman-key-size
- Enter the size of the Diffie-Hellman key offered by the SBC when negotiating TLS on a SIP interface.
- Default: DH_KeySize_1024
- Values: DH_KeySize_1024 | DH_KeySize_2048
Setting the key size to 2048 bits significantly decreases performance.
Path
tls-global is an element of the security path. The full path from the topmost ACLI prompt is: .