CA certificates are used so that their signature can be compared against the CA signature within the certificate being offered by the peer. CA certificates can be stored either all within one file or as separate files.
If the CA certificates are stored within one file, the file must use the following format:Parent topic: TLS (Transport Layer Security) Support
... (CA certificate in base64 encoding) ...
---- END CERTIFICATE ---
If certificates are stored in one file TTUD will have to be restarted when a new certificate is added to the file. The default file, rootcert.pem, contains the root CA certificate for the Telephony Control Server. It can used by peers within the network.
If CA certificates are stored in separate files they should be stored in the directory using the following RTP parameters:
The directory used depends on the type of peer that the certificate is coming from. The RTP parameters above can point to the same directory.
How to Create a Root CA Certificate
How to Create an Intermediate CA Certificate
How to Create a Server Certificate
How to create a Client Certificate
How to Create Third Party Product Certificates
How to Create a Diffie-Hellmann Key
How to Install a Certificate on an Endpoint Server
How to Install a Certificate on a Mutual Authentication Client