Content
In order to setup a SIP TLS connection in scenarios where the server requests a client certificate, the base must be configured with a pre-loaded TLS client certificate and key.
After clicking on Security, click on the "Choose Files" button under "Import SIP Client Certificate Key Pair"
The certificate must be provided as a DER encoded binary X.509 (.cer) file, and the key must be provided as an unencrypted PKCS#8 binary file.
If you need to convert a certificate in DER format you can use the OpenSSL command:
1 | openssl x509 -in certificate.crt -outform DER -out certificate-DER.cer
If you need to convert the private key into the unencrypted PKCS#8 format you can use the OpenSSL command:
1 | openssl pkcs8 -topk8 -inform PEM -in certificate-key.key -outform DER -out certificate-key-DER-PKCS8.key -nocrypt
Further Information
Related articles