diff options
author | Joshua Colp <jcolp@digium.com> | 2017-11-06 12:22:38 -0600 |
---|---|---|
committer | Gerrit Code Review <gerrit2@gerrit.digium.api> | 2017-11-06 12:22:38 -0600 |
commit | 637b37fb980822f50966f5292a786d03a859cd89 (patch) | |
tree | 26cfbc1d25a421cf2ce7068e63d1c218a3e92ca2 /res/res_pjsip.c | |
parent | 3126c396b1d7468da79a3c6bb282217829a33c11 (diff) | |
parent | 04d3785a798e984a5f5d43ec5f124a9b30a58b9e (diff) |
Merge "dtls: Add support for ephemeral DTLS certificates."
Diffstat (limited to 'res/res_pjsip.c')
-rw-r--r-- | res/res_pjsip.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/res/res_pjsip.c b/res/res_pjsip.c index 7b3f25c5d..21e43f073 100644 --- a/res/res_pjsip.c +++ b/res/res_pjsip.c @@ -773,6 +773,18 @@ If this is not set or the value provided is 0 rekeying will be disabled. </para></description> </configOption> + <configOption name="dtls_auto_generate_cert" default="no"> + <synopsis>Whether or not to automatically generate an ephemeral X.509 certificate</synopsis> + <description> + <para> + If enabled, Asterisk will generate an X.509 certificate for each DTLS session. + This option only applies if <replaceable>media_encryption</replaceable> is set + to <literal>dtls</literal>. This option will be automatically enabled if + <literal>webrtc</literal> is enabled and <literal>dtls_cert_file</literal> is + not specified. + </para> + </description> + </configOption> <configOption name="dtls_cert_file"> <synopsis>Path to certificate file to present to peer</synopsis> <description><para> @@ -1029,6 +1041,7 @@ use_received_transport. The following configuration settings also get defaulted as follows:</para> <para>media_encryption=dtls</para> + <para>dtls_auto_generate_cert=yes (if dtls_cert_file is not set)</para> <para>dtls_verify=fingerprint</para> <para>dtls_setup=actpass</para> </description> |