diff options
author | Jenkins2 <jenkins2@gerrit.asterisk.org> | 2017-11-06 12:04:09 -0600 |
---|---|---|
committer | Gerrit Code Review <gerrit2@gerrit.digium.api> | 2017-11-06 12:04:09 -0600 |
commit | 457abd06b4b6e89f80e106ef710bf2cf8932b7f8 (patch) | |
tree | fe0aeee4517c9bdcdb0527fa50f5383445e491d8 /configs/samples | |
parent | 2b9905d5de850088f7f14f4a8f60ea90085c81cc (diff) | |
parent | ddb8fd612472ff210412e69ceaed51821fc24975 (diff) |
Merge "dtls: Add support for ephemeral DTLS certificates." into 15
Diffstat (limited to 'configs/samples')
-rw-r--r-- | configs/samples/pjsip.conf.sample | 10 | ||||
-rw-r--r-- | configs/samples/sip.conf.sample | 2 |
2 files changed, 8 insertions, 4 deletions
diff --git a/configs/samples/pjsip.conf.sample b/configs/samples/pjsip.conf.sample index 800ff0f44..302899a17 100644 --- a/configs/samples/pjsip.conf.sample +++ b/configs/samples/pjsip.conf.sample @@ -746,10 +746,12 @@ ; "no") ;dtls_rekey=0 ; Interval at which to renegotiate the TLS session and rekey ; the SRTP session (default: "0") -;dtls_cert_file= ; Path to certificate file to present to peer (default: - ; "") -;dtls_private_key= ; Path to private key for certificate file (default: - ; "") +;dtls_auto_generate_cert= ; Enable ephemeral DTLS certificate generation (default: + ; "no") +;dtls_cert_file= ; Path to certificate file to present to peer (default: + ; "") +;dtls_private_key= ; Path to private key for certificate file (default: + ; "") ;dtls_cipher= ; Cipher to use for DTLS negotiation (default: "") ;dtls_ca_file= ; Path to certificate authority certificate (default: "") ;dtls_ca_path= ; Path to a directory containing certificate authority diff --git a/configs/samples/sip.conf.sample b/configs/samples/sip.conf.sample index 9b52ec06c..ace509759 100644 --- a/configs/samples/sip.conf.sample +++ b/configs/samples/sip.conf.sample @@ -1340,6 +1340,7 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; encryption ; description ; Used to provide a description of the peer in console output ; dtlsenable +; dtlsautogeneratecert ; dtlsverify ; dtlsrekey ; dtlscertfile @@ -1369,6 +1370,7 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; ; A value of 'certificate' will perform ONLY certficiate verification ; dtlsrekey = 60 ; Interval at which to renegotiate the TLS session and rekey the SRTP session ; ; If this is not set or the value provided is 0 rekeying will be disabled +; dtlsautogeneratecert = yes ; Enable ephemeral DTLS certificate generation. The default is 'no.' ; dtlscertfile = file ; Path to certificate file to present ; dtlsprivatekey = file ; Path to private key for certificate file ; dtlscipher = <SSL cipher string> ; Cipher to use for TLS negotiation |