Linksys RTP300 User Guide - Page 59
Generating a Mini Certificate, Partners in Europe, the Middle East - password
UPC - 745883565658
View all Linksys RTP300 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 59 highlights
Secure Call Implementation The CA public key is used to verify the MC received from the other end. If the MC is invalid, the call will not switch to secure mode. The MC and the 1024-bit CA public key are concatenated and base64 encoded into the single parameter Mini Certificate. The 512-bit private key is base64 encoded into the SRTP Private Key parameter, which should be kept secret, like a password. (Mini Certificate and SRTP Private Key are configured in the Line tabs.) Because the secure call establishment relies on exchange of information embedded in message bodies of SIP INFO requests/responses, the service provider must ensure that the network infrastructure allows the SIP INFO messages to pass through with the message body unmodified. Generating a Mini Certificate Linksys provides a Mini Certificate Generator for the generation of mini certificates and private keys. • Partners in North America can find the Mini Certificate Generator on the SPA Utilities page at the Linksys Partner Connection (LPC) at Linksys.com. • Partners in Europe, the Middle East, and Africa can find the Mini Certificate Generator on the Firmware and Tools page at linksys-itsp.com. NOTE: The partner sites require a logon. The Mini Certificate Generator uses the following syntax: gen_mc ca-key user-name user-id expire-date Where: • ca-key is a text file with the base64 encoded 1024-bit CA private/public key pairs for signing/verifying the MC, such as the following: 9CC9aYU1X5lJuU+EBZmi3AmcqE9U1LxEOGwopaGyGOh3VyhKgi6JaVtQZt87PiJINKW8XQj3B9Qqe3VgYx WCQNa335YCnDsenASeBxuMIEaBCYd1l1fVEodJZOGwXwfAde0MhcbD0kj7LVlzcsTyk2TZYTccnZ75TuTj j13qvYs= 5nEtOrkCa84/mEwl3D9tSvVLyliwQ+u/Hd+C8u5SNk7hsAUZaA9TqH8Iw0J/ IqSrsf6scsmundY5j7Z5mK5J9uBxSB8t8vamFGD0pF4zhNtbrVvIXKI9kmp4vph1C5jzO9gDfs3MF+zjyY rVUFdM+pXtDBxmM+fGUfrpAuXb7/k= • user-name is the name of the subscriber, such as "Joe Smith". Maximum length is 32 characters • user-id is the User ID of the subscriber, which must match exactly the user-id used in the INVITE when making the call, such as "14083331234". The maximum length is 16 characters. • expire-date is the expiration date of the MC, such as "00:00:00 1/1/34" (34=2034). Internally the date is encoded as a fixed 12B string: 000000010134 Linksys ATA Administration Guide 59