Web Interface/V7/Trusted Certificates

From Snom User Wiki

< Web Interface | V7

Jump to: navigation, search

On this page, certiﬁcates from trusted authorities can be imported to create an internal Certificate Authority (CA) list.

Overview

The phone looks up on this table whether an incoming TLS request for SIPS should be accepted because it is veriﬁed or has been signed by a Certificate Authority (CA). In the case of SIPS, the phone acts as a client. Hence, the certiﬁcate of the phone is not used in this case. The server sends a certiﬁcate that the client can accept or reject. The criterion for this is the CA list.

How to

Follow these steps for generating a certificate under Linux OS:

Generate a Certificate Authority (CA) key.
- openssl genrsa -rand -des -out private\cakey.pem 1024
Create a self-signed certificate.
- openssl req -config openssl.cnf -x509 -new -days 365 -key private\cakey.pem -out cacert.pem
Merge the two files:
- cat cacert.pem cakey.pem > mycert.pem

Example

The following certificate was created using the previous steps:

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDvY/6vrWleqojXpBfCUOeWf1Qk1E9Sm7OUt3MLtRO2ySl773Lp
DyW47cZ245PctHU04ewLupYxOPPXE1IdfHaFWJKlb/rhkLXX/K+H6ZlKg29wRbuC
LOhSEMjVZy9ACDvf6Ej/Ya7B43IMpUjDCKsY603DnGAebEtVOWyHmuWbewIDAQAB
AoGBALrnd5Hx8rLWssCqfWJZiHcYMroOiWAV8L/L+ybI2ft8U8dPzIfqK6mW+70X
Mfq/akM/oOwHYfxMWxUxIIulAWLYlAugYdtzL0TANrKWx8fsMah7eitrSwgkSLhM
HnfeXohbhWxgyESdPdQOT/+x3+FzLgEOKTwn1Z5uFbDZXtoBAkEA99zVk0NLZTwh
0ykQcTMreS/RaZSfNqXB8Ok2sYJWT4UARdfgzYsNgjQp8s9Mqf1KLq+PnQf2HXHD
JjfU+6qY8wJBAPc/9RAzr1xAmKBXn5aGoMf/zBpB6LK+3Q5Wl2ah2JtN0HRsmN0z
sAeSz+ebfl2Pc7RgJKWjCFzZig0udYxrlVkCQAJqrc5sxoxrJK1JZjakWBUraTBN
WawPu69cpsLeUXcfBdyoeTGn3G7bkVkjukyiApon7g+K51RsKonx22rExA8CQQCp
LJ/XqCWyr5g/DfVqH0/fyMy0oqg/tYy3hNQvK0p0aTfakXu+zuEBLZkH1kMObVsz
7hzlILpWHZryDfnsTKhxAkB6IgEwFiTlW1DZjjG3kXOdEZUDqUbx2WGJPtBxqgMT
h4WKVQJ2/zz5sfPLMI8MpG/z3s072Txa7C4d+E7KPLqb
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDQjCCAqugAwIBAgIBAjANBgkqhkiG9w0BAQQFADB6MQswCQYDVQQGEwJERTET
MBEGA1UECBMKU29tZS1TdGF0ZTEPMA0GA1UEBxMGQmVybGluMRAwDgYDVQQKEwdz
bm9tIEFHMRUwEwYDVQQDEwwxOTIuMTY4LjAuMjUxHDAaBgkqhkiG9w0BCQEWDWlu
Zm9Ac25vbS5jb20wHhcNMDMxMjE4MTI1ODE0WhcNMDgxMTIxMTI1ODE0WjB6MQsw
CQYDVQQGEwJERTETMBEGA1UECBMKU29tZS1TdGF0ZTEPMA0GA1UEBxMGQmVybGlu
MRAwDgYDVQQKEwdzbm9tIEFHMRUwEwYDVQQDEwwxOTIuMTY4LjAuMjUxHDAaBgkq
hkiG9w0BCQEWDWluZm9Ac25vbS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
AoGBAO9j/q+taV6qiNekF8JQ55Z/VCTUT1Kbs5S3cwu1E7bJKXvvcukPJbjtxnbj
k9y0dTTh7Au6ljE489cTUh18doVYkqVv+uGQtdf8r4fpmUqDb3BFu4Is6FIQyNVn
L0AIO9/oSP9hrsHjcgylSMMIqxjrTcOcYB5sS1U5bIea5Zt7AgMBAAGjgdcwgdQw
HQYDVR0OBBYEFB/L6iWUiYuBJpf337RaP7hPNJeJMIGkBgNVHSMEgZwwgZmAFB/L
6iWUiYuBJpf337RaP7hPNJeJoX6kfDB6MQswCQYDVQQGEwJERTETMBEGA1UECBMK
U29tZS1TdGF0ZTEPMA0GA1UEBxMGQmVybGluMRAwDgYDVQQKEwdzbm9tIEFHMRUw
EwYDVQQDEwwxOTIuMTY4LjAuMjUxHDAaBgkqhkiG9w0BCQEWDWluZm9Ac25vbS5j
b22CAQIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQDQuNjc40I3NaxO
7dF1dmy2UpGIW8HIfPo/sN+BFmcxcFGzrqzvOs29ZPjpEO4TCl7Jn9D8l57j3+p7
gNGLFxATOkNve4bjDXhkR4JRRY0TRyRHtIPn4HQfYjA3lm5HVYKFURHBsFcBLAoA
VlImFbXbzvJLX9watM8sf8q1skKa7g==
-----END CERTIFICATE-----

Retrieved from "http://wiki.snom.com/Web_Interface/V7/Trusted_Certificates"

Categories: Web User Interface | V7 | Security

Configuration > Web User Interface
Firmware > V7
Security

Views

Personal tools

Log in / create account

VoIP Phone Products

main navigation

Configuration

knowledgebase

Search

Toolbox