ContentsPrint

TLS mutual authentication for SIP endpoints

Session Manager provides validation of the endpoint Transport Layer Security (TLS) certificate. This authentication is applicable to SIP and HTTP traffic.

From Release 7.0.1, Session Manager provides the ability for administrators, while authenticating SIP devices, to choose the following:

The TLS Endpoint Certificate Validation field has three options:

The default setting for the upgrades, as well as new installations, is optional mutual authentication. You can decide to change the setting to no or mandatory mutual authentication. If you select mandatory mutual authentication for the TLS Endpoint Certificate Validation field, Session Manager rejects the connection request if:
noteNote

If you select the Required option for Pre 7.0.1 Session Manager, it results to the Optional option to support backward compatibility.

Implementation of the new TLS validation policy supports network configuration of Session Manager 7.0 and later with the earlier versions of Session Manager or Branch Session Manager.