TLS settings

If you select TLS or SIPS under the transport setting, this additional setting appears on the page.

It may be possible to use secure communication without a certificate and make changes to these settings. In some cases, if you choose TLS or SIPS, the SIP server requires a certificate for user/client verification. This should be specified in the account information.

You can further increase security by requiring verification of the server, or the client when the Avaya B179 acts as a server for incoming calls.

TLS Setting Detail
Method The TLS includes a variety of security measures. The methods are defined in the versions of the standard (SSL, SSL v2, SSL v3, TLS v1, TLS v2). The default method is SSLv23, which accepts both SSL v2 and v3.
Negotiation timeout The TLS settings are negotiated during a call setup (both incoming and outgoing). If this negotiation does not succeed within the specified time (seconds) the negotiation is aborted. Timeout is disabled with 0 (zero).
Verify client When set to On, the Avaya B179 will activate peer verification for incoming secure SIP connections (TLS or SIPS).
Require client certificate When set to On, the Avaya B179 rejects incoming secure SIP connections (TLS or SIPS) if the client does not have a valid certificate.
Verify server When the Avaya B179 is acting as a client (outgoing connections) using secure SIP (TLS or SIPS) it will always receive a certificate from the peer. If Verify server is set to On, the Avaya B179 closes the connection if the server certificate is not valid.
Certificate Here you can upload a certificate to the Avaya B179 to be used for TLS or SIPS communication.

A certificate is a file that combines a public key with information about the owner of the public key, all signed by a trusted third party. If you trust the third party, then you can be sure that the public key belongs to the person/organization named in that file. You can also be sure that everything you decrypt with that public key is encrypted by the person/organization named in the certificate.

Root certificate The public key in the root certificate is used to verify other certificates. A root certificate is only needed if you have selected client or server verification.

A root certificate is signed by the same public key that is in the certificate, a so-called “self-signed” certificate. A typical root certificate is one received from a Certificate Authority.

Private key Here you can upload a private key to the Avaya B179 to be used for TLS or SIPS communication.

A private key is one of the keys in a key-pair used in asymmetric cryptography. Messages encrypted using the public key can only be decrypted using the private key.

Private key password The password used for encryption of the private key, if it is encrypted.