When a TLS connection is established, a handshaking, known as the TLS Handshake Protocol, occurs. During this handshake, the client and server agree on various parameters used to establish the connection's security. First, the client sends a cipher suite list, a list of the cipher suites that it supports, in order of preference. Then the server replies with the cipher suite that it has selected from the client cipher suite list. Each named cipher suite defines a key exchange algorithm, a bulk encryption algorithm, a message authentication code (MAC) algorithm, and a pseudorandom function (PRF).
Perform the following tasks to associate a certificate to the TLS profile:
- Click Cluster / VNF Management shortcut under Network Mgmnt. The Cluster/VNF Management window is displayed.
- Select the cluster for which you want to update the cluster configuration for TLS Profile.
- Click Edit Configuration button.
Select the TLS Profile under Profiles object in "WRTC Data Model", and you would view the TLS Profile list.
You can select any specific TLS Profile from the list to view the details of that TLS Profile.
- Perform the following steps to add a TLS Profile:
- Click New TLS Profile option. Create New TLS Profile page is displayed.
Provide a TLS Profile Name, TLS Handshake Timeout Duration, Cipher suites and Server Certificate from the Keystore certificate list as follows:
TLS Profile name must be maximum of 23 characters.
TLS Handshake Timeout Duration range is 0 - 4294967295. The default value is 5.
A cipher suite is a named combination of authentication, encryption, message authentication code (MAC) and key exchange algorithms used to negotiate the security settings for a network connection using the Transport Layer Security (TLS) / Secure Sockets Layer (SSL) network protocol.
Click the Save button. TLS Profile (Object) is created successfully message is displayed.
You can now view the TLS Profile that you have created in the existing list.
- You can delete any specific certificate by selecting the Delete option.
Click Save and Close to complete the configuration and to return to the parent page.
To activate the configuration, click the Start button from 'Activate Configuration' section available at the bottom of the configuration screen.