You have the option to download certificates for encrypted telephony onto your device and to check whether the existing certificate used by the SIP server to establish a TLS connection should be classified as trustworthy and accepted.
Download the required SIP certificate to your device with LANconfig by navigating to
.In the LANconfig dialog under
, select how the SIP certificate is to be checked in the "Security" section:- Verify server cert. acc. to:
- With this setting, you specify whether the certificate of the SIP server is verified against certain Certificate Authorities (CAs). CA certificates from globally recognized certificate chains are updated with LCOS updates. They can also be manually updated by truststore updates.
Server certificate No verification The server certificate is not verified. All valid server certificates are accepted, whichever CA they were signed by. This setting is useful for accepting self-signed certificates. All trusted CAs The server certificate is verified against all CAs known to the device. These include all CAs that LCOS "knows" to be trusted and also those from the VoIP server certificate slots 1 to 3. Note: The encrypted connection is only established if one of these certificates is validated successfully.VoIP cert. slot 1 A check is made to see whether the server certificate was signed by the CA whose certificate was uploaded to slot 1 of the VoIP certificates. VoIP cert. slot 2 A check is made to see whether the server certificate was signed by the CA whose certificate was uploaded to slot 2 of the VoIP certificates. VoIP cert. slot 3 A check is made to see whether the server certificate was signed by the CA whose certificate was uploaded to slot 3 of the VoIP certificates. Telekom-Shared-Business-CA4 With this setting, the device only accepts server certificates signed by the Telekom Shared Business CA4 CA. Note: Use this setting for SIP trunk connections from Deutsche Telekom.