Certificate Entry

Description:

The Certificate Entry or Trust ID, contains the filenames associated with a particular certificate when configuring TLS Security. The certificate entry provides the necessary information so that two parties, or peers, can negotiate a secure TLS session. The certificate entry consists of three files. They are the Private Key, the Public Key Certificate, and the trusted CA list. Once a Certificate Entry is created, it is selectable in a drop down list in the Secure Profile object in ClientView. See Secure Profile. The operator must install these files on the GCEMS server in the /home/excelsw/ftpBuilds directory. The IMG will ftp the files from the GCEMS server when the filenames are configured in this pane.

 

Note: The files must be present in the directory above otherwise TLS calls will fail.

Accessing this Pane

Dialogic IMG EMS > Certificate Database

Maximum Objects:

Maximum of 16 Certificate Entries or 'Trust-ID's' per Certificate Database  

Related Topics:

Secure Profile

SIP over TLS Overview

Certificate Database

 

ClientView Pane:

sc_tls_certificate_entry.png

 

 

Field Descriptions

Trust ID

The Trust ID is the Primary Key and is a unique identifier used to access a Trust ID record. This field is automatically populated with the next available ID. The IMG will allow a maximum of 16 Trust ID's.

 

Trust Name

The Trust ID name or AUS (Application Unique String) which is used to compare the remote certificate. This is generally an FQDN (Fully Qualified Domain Name).

 

Private Key Filename

File containing the encrypted RSA private key. The file contains a key in PEM (Privacy Enhanced Mail) format.

 

Password

Password to decrypt the private key. The password is encrypted by the host when configured.

 

Certificate Filename

File containing the public certificate in PEM format

 

Trusted CA List Filename

File containing the certificate chain representing the trusted CA's. The file contains certificates in PEM format. The complete certificate chain must be included, that is the root CA certificate, and any intermediate CA and server certificates.