Setup secure connections (TLS/WSS/HTTPS) with certificate:
Overview
Brekeke provides the following secure connections;
- TLS — For SIP session between SIP UA and Brekeke SIP Server.(Advanced Edition only)
- WSS— For WebSocket transport between Brekeke SIP Server and Browser. If you use webRTC feature, this secure connection is needed.
- HTTPS – For using Brekeke UC or for secure browsing of the web admin tools.
How to setup
<TLS>
Step1. Prepare Key and Certificate.
There are 4ways to prepare certificate. Please select one.
Case1. -> Create Self-Signed Certificate by using the key generation tool at Brekeke web site.
(http://www.brekeke.com/support/self_signed_crt.php)
Case2. -> Create Self-Signed Certificate by using OpenSSL.
(https://docs.brekeke.com/sip/how-to-create-a-self-signed-certificate-using-openssl )
Case3. -> Get official Signed Certificate. ( Follow each CA vendor’s instruction.)
Case4. -> Get free Certificate from “Let’s Encrypt”.
(https://docs.brekeke.com/sip/get-free-certificates-from-lets-encrypt)
Step2. Upload certificate and Enable TLS settings on Web admin tool page.
(https://docs.brekeke.com/sip/prepare-the-key-and-certificate )
Regarding the detail of other TLS settings, refer to the entries under [TLS] directory in the wiki .
<WSS>
Step1. Prepare Key and Certificate.
There are 4ways to prepare certificate. Please refer to the step.1 of the above “TLS” section and select one.
Step2. Upload certificate and Enable WSS settings on Web admin tool page.
( https://docs.brekeke.com/sip/how-to-setup-brekeke-sip-server-to-use-websocket-as-sip-transport )
Step3. (Optional) If you use self-signed server certificate, to avoid alert messages on browser, you need to import the certificate into browser.
( https://docs.brekeke.com/tech-info/import-self-signed-certificate-into-client-browser )
<HTTPS>
Step1. Prepare Key and Certificate.
There are 4ways to prepare certificate. Please refer to the step.1 of the above “TLS” section and select one.
Step2. Setup https configurations in Tomcat.
Step3. (Optional) If you use self-signed server certificate, to avoid alert messages on browser, you need to import the certificate into browser.
( https://docs.brekeke.com/tech-info/import-self-signed-certificate-into-client-browser )