Figure 8: pbx->sip settings->tcp/tls – Grandstream UCM6100 Security Manual User Manual

UCM6100 Security Manual Page 14 of 23

TLS

The UCM6100 administrators may consider securing SIP packets sent across an untrusted network. Using

TLS could be a solution. It will authenticate servers and clients, and then encrypt SIP messages between

the authenticated parties.

TLS can be configured under UCM6100 web GUI->PBX->SIP Settings->TCP/TLS page.

Figure 8: PBX->SIP Settings->TCP/TLS

1.

Set “TLS Enable” as “Yes” to enable TLS on UCM6100.

2.

Configure “TLS Do Not Verify”, “TLS Self-Signed CA” and “TLS Cert” properly to achieve basic TLS

authentication and encryption.



TLS Self-Signed CA

This is used when UCM6100 acts as a client, to authenticate the server. If the server the

UCM6100 connecting to uses a self-signed certificate, you should have their certificate installed