Reference11r1:Concept DTLS-SRTP
Jump to navigation
Jump to search
There are also other versions of this article available:
Reference11r1 (this version) | Reference13r3
Applies To
This information applies to
- all innovaphone devices from v11r1 RC2
Overview
Protocol flow
Configuration
Certificates
No special configuration is needed regarding certificates. DTLS-SRTP does not require endpoints to have the certificate of the remote endpoint in the trust list. Also it doen't check the names inside certificates.
Disabling DTLS-SRTP
For debugging purposes there are config options at the signalling modules that globally turn DTLS-SRTP off. Normally this should not be needed.
config add H323 /dtls-disabled config add SIP /dtls-disabled config add TSIP /dtls-disabled config add SIPS /dtls-disabled
Tracing
Activation
Traces for debugging DTLS-SRTP can be activated at the signalling module. The trace flags are also available on the debug.xml page.
config add H323 /dtls-trace on config add SIP /dtls-trace on config add TSIP /dtls-trace on config add SIPS /dtls-trace on
Reading traces
Known limitations
References
- RFC5764 - Datagram Transport Layer Security (DTLS) Extension to Establish Keys for the Secure Real-time Transport Protocol (SRTP)