Merge "dtls: Add support for ephemeral DTLS certificates." into 15

author: Jenkins2 <jenkins2@gerrit.asterisk.org> 2017-11-06 12:04:09 -0600
committer: Gerrit Code Review <gerrit2@gerrit.digium.api> 2017-11-06 12:04:09 -0600
commit: 457abd06b4b6e89f80e106ef710bf2cf8932b7f8 (patch)
tree: fe0aeee4517c9bdcdb0527fa50f5383445e491d8 /configs/samples
parent: 2b9905d5de850088f7f14f4a8f60ea90085c81cc (diff)
parent: ddb8fd612472ff210412e69ceaed51821fc24975 (diff)
2 files changed, 8 insertions, 4 deletions
diff --git a/configs/samples/pjsip.conf.sample b/configs/samples/pjsip.conf.sample
index 800ff0f44..302899a17 100644
--- a/configs/samples/pjsip.conf.sample
+++ b/configs/samples/pjsip.conf.sample
@@ -746,10 +746,12 @@
                 ; "no")
 ;dtls_rekey=0   ; Interval at which to renegotiate the TLS session and rekey
                 ; the SRTP session (default: "0")
-;dtls_cert_file=        ; Path to certificate file to present to peer (default:
-                        ; "")
-;dtls_private_key=      ; Path to private key for certificate file (default:
-                        ; "")
+;dtls_auto_generate_cert= ; Enable ephemeral DTLS certificate generation (default:
+                          ; "no")
+;dtls_cert_file=          ; Path to certificate file to present to peer (default:
+                          ; "")
+;dtls_private_key=        ; Path to private key for certificate file (default:
+                          ; "")
 ;dtls_cipher=   ; Cipher to use for DTLS negotiation (default: "")
 ;dtls_ca_file=  ; Path to certificate authority certificate (default: "")
 ;dtls_ca_path=  ; Path to a directory containing certificate authority
diff --git a/configs/samples/sip.conf.sample b/configs/samples/sip.conf.sample
index 9b52ec06c..ace509759 100644
--- a/configs/samples/sip.conf.sample
+++ b/configs/samples/sip.conf.sample
@@ -1340,6 +1340,7 @@ srvlookup=yes                   ; Enable DNS SRV lookups on outbound calls
 ; encryption
 ; description		; Used to provide a description of the peer in console output
 ; dtlsenable
+; dtlsautogeneratecert
 ; dtlsverify
 ; dtlsrekey
 ; dtlscertfile
@@ -1369,6 +1370,7 @@ srvlookup=yes                   ; Enable DNS SRV lookups on outbound calls
 ;				     ; A value of 'certificate' will perform ONLY certficiate verification
 ; dtlsrekey = 60                     ; Interval at which to renegotiate the TLS session and rekey the SRTP session
 ;                                    ; If this is not set or the value provided is 0 rekeying will be disabled
+; dtlsautogeneratecert = yes         ; Enable ephemeral DTLS certificate generation. The default is 'no.'
 ; dtlscertfile = file                ; Path to certificate file to present
 ; dtlsprivatekey = file              ; Path to private key for certificate file
 ; dtlscipher = <SSL cipher string>   ; Cipher to use for TLS negotiation
author	Jenkins2 <jenkins2@gerrit.asterisk.org>	2017-11-06 12:04:09 -0600
committer	Gerrit Code Review <gerrit2@gerrit.digium.api>	2017-11-06 12:04:09 -0600
commit	457abd06b4b6e89f80e106ef710bf2cf8932b7f8 (patch)
tree	fe0aeee4517c9bdcdb0527fa50f5383445e491d8 /configs/samples
parent	2b9905d5de850088f7f14f4a8f60ea90085c81cc (diff)
parent	ddb8fd612472ff210412e69ceaed51821fc24975 (diff)