Teo IPTelephone Network User Manual

Security Guidelines

13-280132 Rev. Q

Page 35

Security Settings

XML Tag

Data / Description

<ocsp_va_cert>

filename.pem
ocsp_va_cert>

The file that contains explicitly-trusted responder

certificates.
This option must be provided if the certificates are

self-signed.
filename includes the full path specification, and can

be up to 250 characters.

<ocsp_signer_cert>

filename.pem
ocsp_signer_cert>

The file that contains the certificate used to sign the

OCSP request.
If ocsp_signer_key is not present, the private key is

read from this file. If neither option is present, then

the OCSP request is not signed.
filename includes the full path specification, and can

be up to 250 characters.

<ocsp_signer_key>

filename.pem
ocsp_signer_key>

The file that contains the key used to sign the OCSP

request.
If this file is not present, the private key is read from

ocsp_signer_cert. If neither option is present, then the

OCSP request is not signed.
filename includes the full path specification, and can

be up to 250 characters.

<cert_private_phone>

filename.pem

cert_private_phone>

The file that contains the certificate and private key

for the phone. The server must have the certificate

and public key in order to validate the phone.
filename includes the full path specification, and can

be up to 250 characters.

<cert_trusted_ca_list>

filename.pem

cert_trusted_ca_list>

The file that contains a list of trusted certificate

authorities.
filename includes the full path specification, and can

be up to 250 characters.

<tls_require_cert>

ON/OFF

tls_require_cert>

Determines whether a valid certificate is required for

a TLS connection. If set to OFF, the phone will accept

any certificate from the server as valid.
ON
OFF (default)
Important Note: This tag must reside in the XML file

AFTER the following tags:
, ,

, ,

and .