Phone certificate and private key – Teo IPTelephone Network User Manual

Security Guidelines

13-280132 Rev. Q

Page 67

P

P

h

h

o

o

n

n

e

e

C

C

e

e

r

r

t

t

i

i

f

f

i

i

c

c

a

a

t

t

e

e

a

a

n

n

d

d

P

P

r

r

i

i

v

v

a

a

t

t

e

e

K

K

e

e

y

y

XML Tag

Data / Description

<cert_private_phone>

filename

cert_private_phone>

This .pem file contains the certificate and private key

for the phone. The server must have the certificate

and public key in order to validate the phone.
filename includes the full path specification, and can

be up to 250 characters.

<cert_trusted_ca_list>

filename
cert_trusted_ca_list>

This .pem file contains a list of trusted certificate

authorities.
filename includes the full path specification, and can

be up to 250 characters.

<tls_require_cert>

ON

tls_require_cert>

Determines whether a valid certificate is required for

a TLS connection. If set to OFF, the phone will accept

any certificate from the server as valid.
When attempting to establish a new TLS connection,

it is often helpful to set this parameter to OFF so that

the validity of the certificate is not checked. This

allows debugging of the TLS connection independent

of the certificate status.
Once the TLS connection is working, setting this

parameter to ON will then require valid certificates to

establish a connection.
Important Note: This tag must reside in the XML file

AFTER the following tags:
, ,

, ,

and .