Brekeke Documents

Find user guides, developer guides, API references, tutorials, and more!

Brekeke SIP Server Wiki

  1. Brekeke SIP Server Basic Info
  2. Security
  3. Update & Upgrade
  4. Configuration
    1. Installation
    2. Basic Setup
    3. BSS Administration Tool
    4. Network Configuration
    5. Dial Plan
    6. Block List
    7. Provisioning
    8. Push Notification
    9. SDN
    10. STIR/SHAKEN
    11. Advanced Edition
      1. Alias function
      2. Call detailed records (CDR)
      3. Failover
      4. Load balancing by BSS
      5. RADIUS
      6. TLS
        1. Key and Certificate
        2. How to create a self-signed certificate using OpenSSL
        3. How to install a certificate chain
        4. Peer Certification Validation
        5. Environment Variables for TLS
        6. Monitoring and Diagnostic
        7. How to convert TLS to another transport protocol (UDP,TCP)
      7. SRTP Conversion
      8. Redundancy
      9. Brekeke Heartbeat Remote Access Setup
      10. Brekeke SIP Server Failure Notification
      11. Heavy loads alert with Brekeke Heartbeat
      12. Monitoring SIP Devices with Heartbeat
    12. Other Functions
    13. Third-Party Database
    14. Environment Variables
  5. Troubleshooting
  6. Developer's Guide
  7. Version History

Environment Variables for TLS

Using of Environment Variables allows an administrator to tune TLS handling behavior. These variables can be specified by adding properties in Brekeke SIP server Admintool > [Configuration] > [Advanced] page.

 

Thread Priority

The thread priority for the TLS listener. (1-10, default=5)

net.sip.tls.listener.thread.priority

The thread priority for a TLS connection. (1-10, default=5)

net.sip.tls.connection.thread.priority

 

TLS Socket

The receiving buffer size as SO_RCVBUF.

net.sip.tls.recv.bufsize

The sending buffer size as SO_SNDBUF.

net.sip.tls.send.bufsize

The flag as SO_REUSEADDR.

net.sip.tls.reuse

The timeout value in milliseconds as SO_TIMEOUT for the TLS listener. 0 means infinite. (default=0)

net.sip.tls.sotimeout.server

The timeout value in milliseconds as SO_TIMEOUT for TLS connections. 0 means infinite.

net.sip.tls.sotimeout.client

The timeout value in milliseconds as connect-timeout. 0 means infinite. (default=800)

net.sip.tls.connect.timeout

The allowable maximum number of TLS connections. 0 means unlimited. (default=0)

net.sip.tls.max.connection

The queue size for incoming TLS connections. (default=50)

net.sip.tls.size.queue

The flag as TCP_NODELAY.

net.sip.tls.nodelay

The flag as SO_KEEPALIVE.

net.sip.tls.keepalive.use

The TOS field. (0x0-0xff)

net.sip.tls.tos

The flag whether new TLS sessions may be established by the sockets which are created from the TLS lister. If true, new TLS session may be created. If false, an existing TLS session must be resumed. (default=true)

net.sip.tls.sessioncreation

Bind Interface IP address

net.sip.tls.bind.interface

If “need” is set, SIP Server requests client certificate.

net.sip.tls.clientauth

 

SIP Session over TLS

The flag for reaching a SIP UA even if the address/port of Contact-URI is different from the remote IP address/port. (default=true)

net.sip.tls.connection.put.followable

The flag for closing a TLS connection if a related REGISTER record expires. (default=true)

net.sip.tls.timer.use

The length in milliseconds for waiting an incoming packet after closing of a SIP session. (default=5000)

net.sip.tls.wait.closing

 

Specify TLS versions
net.sip.tls.protocol.N    <- For TLS connection
net.sip.wss.protocol.N    <- For WSS connection

*N is sequence number from 1 that represents priority during hand shake. 1 is higher priority.

Example: Enable only TLSv1.3 and 1.2 on TLS connection

 net.sip.tls.protocol.1 = TLSv1.3 net.sip.tls.protocol.2 = TLSv1.2

Example: Enable only TLSv1.3 and 1.2 on on WSS connection

net.sip.wss.protocol.1 = TLSv1.3net.sip.wss.protocol.2 = TLSv1.2

 

 

Yes No
« Peer Certification ValidationMonitoring and Diagnostic »
Suggest Edit