PureConnect

 View Only
Discussion Thread View
  • 1.  TLS SIP Trunk

    Posted 10-26-2021 05:10
    I'm wondering if anyone in the community has had success configuring TLS/SRTP for a line connecting to a Cisco Callmanager environment from PureConnect. I've got the general idea that the line cert from Genesys has to be added to Callmanager and that we need to sign a cert from call manager, could anyone tell us the steps of how to configure the TLS between two sides please.

    Any past experience or general guidance ..... would be highly appreciated.
    #ArchitectureandDesign
    #Security

    ------------------------------
    Mohannad haddad
    Fourth Dimension Systems Company
    ------------------------------


  • 2.  RE: TLS SIP Trunk

    Posted 10-27-2021 05:37
    Hello Mohannad,

    From the CIC side you need to import the Call Manager certificate (including other certificates in the chain to its root CA, if applicable) and assign them to the concerned SIP line. The procedure is decribed in the PureConnect Security Features TR, starting form page 74.
    You can find the TR here:
    https://help.genesys.com/pureconnect/desktop/security_features_landing.htm

    On the Call Manager side the CIC line certificate and its root need to be configured and trusted (you need to check the Cisco documentation for this). If you are using the default CIC certs these certificate files are stored on the CIC at:
    I3\IC\Lines\DefaultLines\LinesCertificate.cer
    I3\IC\LinesAuthority\DefaultLinesAuthority\LinesAuthorityCertificate.cer

    Regards,
    Marcelo


    ------------------------------
    Marcelo Heil França
    InfinIT.cx GmbH
    ------------------------------