® Media Manager SIP Proxy and Registrar component to use SIP authentication and authorization requires some additional steps.
Follow the instructions in this section to configure Transport Layer Security (TLS) if you chose it as the encryption protocol and to set up user authentication.
Distributing certificates for Transport Layer encryption to all upgraded Media Manager components
If you installed Media Manager components on separate machines or as separate cell profiles, you must extract the signed security certificate from the SIP Proxy and Registrar server. Then add the certificate to all Conference Manager and Packet Switcher servers. This step does not apply if you installed all components of the media manager on the same cell profile.
Distributing certificates for Transport Layer encryption to the upgraded SIP Proxy and Registrar
If you installed the SIP Proxy and Registrar on separate machines or as a separate cell profile from the other IBM Sametime
® Media Manager components, you must extract the signed security certificate from the Conference Manager and Packet Switcher components and add the certificates to the SIP Proxy and Registrar. This step does not apply if you installed all components of the Sametime
Media Manager and SIP Proxy and Registrar on the same cell profile.
Exchanging certificates between the upgraded Packet Switcher and the upgraded Conference Manager
The Packet Switcher component of the IBM
Sametime Media Manager opens a TLS connection to the Conference Manager, so you need to exchange certificates between the Packet Switcher and the Conference Manager. You must extract the certificate used by the Conference Manager and then add this certificate to the Packet Switcher.
Adding trusted IP addresses to the upgraded SIP Proxy and Registrar
SIP Proxy and Registrar accepts connections from the Sametime
Media Manager components – Conference Manager and Packet Switcher. To ensure that the SIP Proxy and Registrar trusts these components when they establish a connection, you must add a custom SIP container property that uses the IP address or fully qualified domain name for these trusted components as its value.