How to Configure Digest Authentication Added by IBM on November 30, 2011 | Version 1 (Original)
|Use this feature to configure the Digest Authentication, to enable/disable the TLS (Transparent Layer Security) for SIP Server Security, to add/edit Realms, and to configure Realm attributes.
Use this feature to configure the Digest Authentication, to enable/disable the TLS (Transparent Layer Security) for SIP Server Security, to add/edit Realms, and to configure Realm attributes.
Adequate administrative permissions
Parent topic: Signaling Management
- Navigate to Telephony Control Server -> Administration -> Signaling Management -> Digest Authentication.
- In the General tab, configure the following parameters:
Check this checkbox to enable HTTP Digest Authentication. When HTTP Digest Authentication is enabled, access to the Telephony Control Server on the SIP interface is protected by requesting authentication (identity verification) of the remote parties (such as other SIP servers and SIP clients). No cleartext information will be exchanged.
With Next Nonce you can generate the "nextnonce" parameter in the Authentication-Info header field.
Max. Authentication Attempts
This field specifies the maximum number of times that a single nonce can be used. (Default: 50 times, Possible values: 0 - 100)
Nonce Lifetime - Expired After
This field specifies the time that a nonce is valid. (Default: 300,000 msec, Possible values: 0 - 1800000)
This parameter indicates the client quality of protection (QOP). This is the level of complexity used for building the credential. The credential allows both the client and server to generate a unique piece of data so that each side (client/server) can be guaranteed the requestor is who he says he is without actually sending a password in clear text:
Authentication with message body integrity protection.
If you want authentication of the SDP (Session Description Protocol) aditionally, then use Auth-Int.
Check this checkbox to enable the TLS Security feature.
- In the Realms tab, configure the following parameters:
Address (IP or FQDN)
This column displays the IP addresses of the configured Realms.
This column indicates whether the displayed realms are trusted or non-trusted.
- Click Add in order to add new realms. The SIP configuration dialog opens. More details can be found in the topic "How to configure the SIP Settings for the Endpoint"
TLS (Transport Layer Security) Support - Subscriber Access