Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-71-1983250.1
Update Date:2017-08-17
Keywords:
Solution Type  Technical Instruction Sure

Solution  1983250.1 :   How to configure Intermediate TLS certificates for the Oracle Session Border Controller  

Related Items 
    

  • Acme Packet 4500
    •  
  • Acme Packet 3820
    •  
  • Acme Packet 6100
    •  
  • Acme Packet 3900
    •  
  • Acme Packet 6300
    •  
  • Acme Packet 4600
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>CommsGBU>Session Delivery Network>SN-SND: Acme Service Provider
    •  




How to configure intermediate TLS certificates for the Oracle Session Border Controller

In this Document
Goal
Solution

Created from <SR 3-10224202891>

Applies to:

Acme Packet 4500 - Version S-Cx6.3.0 and later
Acme Packet 4600 - Version S-Cx6.3.0 and later
Acme Packet 6100 - Version S-Cz7.0.2 and later
Acme Packet 6300 - Version S-Cz7.0.2 and later
Acme Packet 3820 - Version S-Cx6.3.0 and later
Information in this document applies to any platform.

Goal

 How to configure the Oracle Session Border Controller to use Intermediate SSL certificates.

Solution

Transport Layer Security (TLS is formerly called SSL) provides certificate-based authentication and encrypted sessions. An encrypted session protects the information that is transmitted. An intermediate certificate is a stand-in proxy for the root certificate and is used to maintain the chain of trust. The end-point can follow a certificate chain by looking at the fields "Issued to" and "Issued by" and follow that chain down to the root certificate.

This document assumes basic understanding in applying TLS functionality for the Session Border Controller and does only provide the steps in creating a functioning intermediate certificate usage.

For more information regarding security in the Session Border Controller, please see the Oracle Acme Packet SBC family security guide: https://docs.oracle.com/cd/E55742_01/doc/sbc_security.pdf

 

Example below :


1. Create the necessary certificate-record(s) for the intermediate certificates.

An example certificate-record format

certificate-record
name <NameOfYourChosenIntermediate>
country SE
state STHLM
locality KST
organization Communication
common-name <NameOfYourChoice>
key-size 2048

certificate-record
name <NameOfYourChosenRoot>
country SE
state STHLM
locality KST
organization Communication
unit OITK
common-name <NameOfYourChosenRoot>
key-size 2048

 

2. Import the certificate:

 

# import-certificate try-all <NameOfYourChosenIntermediate>

-----BEGIN CERTIFICATE-----

           

Many lines returned from NameOfYourChosenIntermediate public key omitted



-----END CERTIFICATE-----;


3. Update TLS profile:

tls-profile
name <tls-profile name>
end-entity-certificate <your TLS server name>
trusted-ca-certificates <NameOfYourChosenIntermediate> <NameOfYourChosenRoot>
cipher-list ALL
verify-depth 10
mutual-authenticate disabled
tls-version compatibility
cert-status-check disabled
cert-status-profile-list
ignore-dead-responder disabled
allow-self-signed-cert disabled

 

 


Attachments 
This solution has no attachment
  Copyright © 2018 Oracle, Inc.  All rights reserved.
 Feedback