Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: update for 2_3_9 and greater

...

As of firmware 2_2_0_4_5a54ff2, Digium phones do not validate Asterisk's server certificate, nor can they be loaded with a client certificate to present to Asterisk.  Future releases of phone firmware may eliminate these limitations.  As of firmware 2_3_9, Digium phones no longer support anonymous or null ciphers.

Getting Started - Certificates

...

Expand
titleDigium Phone TLS Ciphers

RC4-SHA, RC4-MD5

DES-CBC-SHA, DES-CBC3-SHA
AES128-SHA, AES256-SHA
CAMELLIA128-SHA, CAMELLIA256-SHA
SEED-SHA

Versions of firmware prior to 2.3.9 also supported the following, additional ciphers:

Expand
titleDigium Phone older firmware TLS Ciphers
DES-CBC-SHA, DES-CBC3-SHA
ECDHE-RSA-RC4-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA
AECDH-RC4-SHA, AECDH-DES-CBC3-SHA, AECDH-AES128-SHA, AECDH-AES256-SHA

...

A Digium phone indicates to the user when TLS signaling and/or SDES SRTP are enabled for a call with a shield indicator on the line, denoting TLS, and a shield indicator for the call disposition, denoting SRTP, as such:

Image Modified