Collapse AllExpand All

18.8.6.1.3. TLS Previous topic Parent topic Child topic Next topic

Currently are supported only protocols TLSv1.0 and higher, SSLv2 and SSLv3 are not permitted due to security issues. The default minimum RSA key length is 2048.
TLS version is configured in WBM menu:
Configuration > Security > Signaling and Payload Encryption (SPE) > right click on TLS Ciphers for SIP > Edit TLS Cipher Configuration.
On following screen, the deployed TLS version, key agreement method, encryption algorithm and operation mode can be configured (see https://www.ietf.org/rfc/rfc5246.txt and https://www.ietf.org/rfc/rfc8446.txt for more information about TLSv1.2 and TLSv1.3).
IMPORTANT:
After changing and saving the TLS SIP settings, GW must be rebooted for the changes to take effect!

Figure 425. TLS Ciphers for SIP

TLS_SIP-2.png
Starting with V11R0, TLS version 1.3 is supported on the VoIP Interfaces (HFA and SIP).
INFO:
TLS1.3 ciphers cannot be configured (fix settings).
${DocTitle}, ID: ${DocID}
© 03/2026 Mitel Networks Corporation. All rights reserved. Mitel and the Mitel logo are trademark(s) of Mitel Networks Corporation. Unify and associated marks are trademarks of Unify Software and Solutions GmbH & Co. KG. All other trademarks herein are the property of their respective owners.