Dialogic Dialogic Global Call IP IP Phone User Manual


 
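/*
 * Example: populate a SIP_TLS_ENGINE structure and attach it to the first
 * virtual board. All file names and passwords below are sample values.
 */
/* initialize TLS Engine */
SIP_TLS_ENGINE sip_tls_engine;
INIT_SIP_TLS_ENGINE(&sip_tls_engine);
/* change default port number */
sip_tls_engine.sip_tls_port = 5062;
/*
 * configure local RSA certificate and key (both read from the same PEM file).
 * The password is a literal here only for illustration: in a deployment, read
 * it from protected storage rather than compiling it into the binary, and
 * restrict file-system access to the key file.
 */
sip_tls_engine.local_rsa_private_key_filename = "localhost.rsa-key-cert.pem";
sip_tls_engine.local_rsa_private_key_password = "RSAKeyPassword";
sip_tls_engine.local_rsa_cert_filename = "localhost.rsa-key-cert.pem";
/* configure local DSS certificate and key (same caveat for the password) */
sip_tls_engine.local_dss_private_key_filename = "localhost.dss-key-cert.pem";
sip_tls_engine.local_dss_private_key_password = "DSSKeyPassword";
sip_tls_engine.local_dss_cert_filename = "localhost.dss-key-cert.pem";
/*
 * configure two root certificates.
 * calloc() can return NULL; production code must check the result before
 * indexing the array (the same applies to the two allocations further down).
 */
sip_tls_engine.ca_cert_number = 2;
sip_tls_engine.ca_cert_filename = (char**)calloc(sip_tls_engine.ca_cert_number,sizeof(char*));
sip_tls_engine.ca_cert_filename[0] = "cacert1.pem";
sip_tls_engine.ca_cert_filename[1] = "cacert2.pem";
/* configure two chain certificates */
sip_tls_engine.chain_cert_number = 2;
sip_tls_engine.chain_cert_filename =
(char**)calloc(sip_tls_engine.chain_cert_number,sizeof(char*));
sip_tls_engine.chain_cert_filename[0] = "chaincert1.pem";
/* second entry goes in slot 1; writing slot 0 twice would leave slot 1 NULL */
sip_tls_engine.chain_cert_filename[1] = "chaincert2.pem";
/* configure one CRL */
sip_tls_engine.crl_number = 1;
sip_tls_engine.crl_filename = (char**)calloc(sip_tls_engine.crl_number,sizeof(char*));
sip_tls_engine.crl_filename[0] = "crl.pem";
/*
 * configure local cipher list to be exportable, sorted with key strength.
 * NOTE(review): export-grade suites use deliberately weakened keys and give
 * little confidentiality against a capable eavesdropper. Treat this value as
 * a syntax illustration and select strong suites for a deployment. The string
 * looks like OpenSSL cipher-list syntax; confirm against the library reference.
 */
sip_tls_engine.local_cipher_suite = "EXP:@STRENGTH";
/*
 * configure DH parameters.
 * NOTE(review): 512-bit and 1024-bit DH groups are small by current
 * standards; the field names fix the sizes, so check whether the library
 * offers larger groups before relying on DH key exchange.
 */
sip_tls_engine.dh_param_512_filename = "dh512_param.pem";
sip_tls_engine.dh_param_1024_filename = "dh1024_param.pem";
/* enable server session cache by setting session id string */
sip_tls_engine.session_id = "HMP Media Server";
/*
 * enable mutual authentication (a client certificate is required).
 * NOTE(review): the original comment also said "disable UDP and TCP ports",
 * but both E_block_*_port fields are set to ENUM_Disabled, which by the field
 * names leaves the UDP and TCP ports unblocked. If TLS-only signaling is the
 * intent, these presumably need ENUM_Enabled; confirm against the
 * SIP_TLS_ENGINE reference.
 */
sip_tls_engine.E_client_cert_required = ENUM_Enabled;
sip_tls_engine.E_block_udp_port = ENUM_Disabled;
sip_tls_engine.E_block_tcp_port = ENUM_Disabled;
/*
 * configure virtual board TLS engine pointer.
 * Only the address is stored, so sip_tls_engine must stay valid for as long
 * as the library reads it (presumably at least through gc_Start(); confirm).
 */
virtBoard[0].sip_tls_engine = &sip_tls_engine;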
4.24.2.2 Enabling TCP in IP_VIRTBOARD
The TLS security mechanism operates on top of the TCP protocol, support for which is optional in
Global Call. TCP must therefore be enabled in IP_VIRTBOARD by setting the
E_SIP_tcpenabled field to ENUM_Enabled. If an IP_VIRTBOARD structure that contains a
SIP_TLS_ENGINE structure but does not enable TCP is passed to gc_Start(), library
initialization fails.