Name: Matrix Sparsh VP110
Brand: Matrix
Rating: 5 (1 reviews)

To Next Page

To Previous Page

Matrix SPARSH VP110 User Guide 297

IP phones can encrypt SIP with TLS, which is called SIPS. When TLS is enabled for an account, the SIP message

of this account will be encrypted, and a lock icon appears on the LCD screen after the successful TLS negotiation.

Certificates

The IP phone can serve as a TLS client or a TLS server. The TLS requires the following security certificates to

perform the TLS handshake:

• Trusted Certificate: When the IP phone requests a TLS connection with a server, the IP phone should

verify the certificate sent by the server to decide whether it is trusted based on the trusted certificates list.

The IP phone has 30 built-in trusted certificates. You can upload 10 custom certificates at most. The

format of the trusted certificate files must be “*.pem”, “*.cer”, “*.crt” and “*.der” and the maximum file size is

5MB. For more information on 30 trusted certificates, refer “Appendix C - Trusted Certificates”.

• Server Certificate: When clients request a TLS connection with the IP phone, the IP phone sends the

server certificate to the clients for authentication. The IP phone has two types of built-in server certificates:

a unique server certificate and a generic server certificate. You can only upload one server certificate to

the IP phone. The old server certificate will be overridden by the new one. The format of the server

certificate files must be “*.pem” and “*.cer” and the maximum file size is 5MB.

The IP phone can authenticate the server certificate based on the trusted certificates list. The trusted certificates list

and the server certificates list contain the default and custom certificates. You can specify the type of certificates

the IP phone accepts: default certificates, custom certificates or all certificates.

Common Name Validation feature enables the IP phone to mandatorily validate the common name of the certificate

sent by the connecting server.

• In TLS feature, we use the terms trusted and server certificate. These are also known as CA and

device certificates.

• Resetting the IP phone to factory defaults will delete custom certificates by default. But this feature is

configurable using the configuration files. For more information on the configuration parameter, refer

“Appendix D - Configuration Parameters”.

Procedure

Configuration changes can be performed using the configuration files or locally.

Matrix Sparsh VP110 User Manual

Other manuals for Matrix Sparsh VP110