Dialogic 05-2239-009 IP Phone User Manual


 
564 Dialogic
®
Global Call API Library Reference — November 2007
Dialogic Corporation
SIP_TLS_ENGINE — TLS engine configuration information
crl_number
number of optional certificate revocation list (CRL) files. An engine may look up CRLs while
examining the incoming certificates. To add one or more CRL files, use this field to specify the
number of files in the crl_filename array. Default value is 0.
crl_filename
array of filenames for optional certificate revocation lists (CRLs). Files must be PEM format in
plain text. The size of the array is specified by crl_number. Default is NULL.
local_cipher_suite
optionally specifies a list of ciphers to use when negotiating encryption algorithms with the
remote UA. The ciphers are specified in a specially formatted string defined by OPENSSL;
OPENSSL allows for several keywords in the elist, which are shortcuts for sets of ciphers.
Default is NULL, which uses OPENSSL default string.
dh_param_512_filename
name of file containing optional DH parameter with 512-bit key length. Default is NULL, in
which case Global Call uses pre-built DH parameter with 512-bit key length.
dh_param_1024_filename
name of containing optional DH parameter with 1024-bit key length. Default is NULL, in
which case Global Call uses pre-built DH parameter with 1024-bit key length.
session_id
optionally specifies a session ID to enable session caching on the server side. When
configured, the session ID is provided to the client during handshake so that client may reuse
the session for future connection. Default is NULL (server session caching disabled).
E_client_cert_required
specifies whether the Dialogic
®
Global Call API library will require the client’s certificate for
mutual authentication when acting as a TLS server. Defined values are:
ENUM_Disabled (Default value) – Do not require client’s certificate during TLS
handshake (mutual authentication disabled)
ENUM_Enabled – Require client’s certificate during TLS handshake (mutual
authentication enabled)
E_block_udp_port
specifies whether the UDP port is disabled (both send and receive directions) to block insecure
communications and prevent downgrade attack. Defined values are:
ENUM_Disabled (Default value) – Do not block UDP port
ENUM_Enabled – Block UDP port to prevent insecure communications
E_block_tcp_port
specifies wether the TCP port will be disabled (in both send and receive directions) to block
insecure communications and prevent downgrade attack. Defined values are:
ENUM_Disabled (Default value) – Do not block TCP port
ENUM_Enabled – Block TCP port to prevent insecure communications