Configuration for various security parameters in BVR
This section is OPTIONAL
The header for this section is [security]
| Name | Mandatory | Type | Default | Description |
|---|---|---|---|---|
| cipher_suites_file | no | string | /opt/blueworx/vr/security/ciphers.ini | This parameter was introduced in version 7.9.0 The file containing a list of default cipher suites to be used for TLS connections (HTTPS, SIP etc). This may be overridden in other configuration options |
| keystore_file | no | string | /opt/blueworx/vr/security/keystore.jks | This parameter was introduced in version 7.9.0 The location of the keystore file |
| keystore_password | no | string | changeit | This parameter was introduced in version 7.9.0 The password for the keystore |
| keystore_key_alias | no | string | blueworx | This parameter was introduced in version 7.9.0 The alias for the key to use in your keystore |
| truststore_file | no | string | /opt/blueworx/vr/security/truststore.jks | This parameter was introduced in version 7.9.0 The location of the truststore file |
| truststore_password | no | string | changeit | This parameter was introduced in version 7.9.0 The password for the truststore |
| default_rtp_encryption_mode | no | string | NONE | This parameter was introduced in version 7.9.0 The default RTP encryption mode. NONE: No encryption (RTP only) OPTIONAL: Offer and accept SRTP and RTP but prioritise SRTP MANDATORY: Only offer and accept SRTP Valid options are: NONE, OPTIONAL, MANDATORY, MATCH_SIGNALLING |
| inbound_call_rtp_encryption_mode | no | string | This parameter was introduced in version 7.9.0 The RTP encryption mode for inbound calls. If not set, this will use the value of default_rtp_encryption_mode. Valid options are: NONE, OPTIONAL, MANDATORY, MATCH_SIGNALLING | |
| outbound_call_rtp_encryption_mode | no | string | This parameter was introduced in version 7.9.0 The RTP encryption mode for outbound calls. If not set, this will use the value of default_rtp_encryption_mode. Valid options are: NONE, OPTIONAL, MANDATORY, MATCH_SIGNALLING | |
| mrcp_rtp_encryption_mode | no | string | This parameter was introduced in version 7.9.0 The RTP encryption mode for MRCP audio. If not set, this will use the value of default_rtp_encryption_mode. Note: Some MRCPv2 software does not work well with offering both secure and non secure audio, so we recommend setting this to either NONE or MANDATORY Valid options are: NONE, OPTIONAL, MANDATORY, MATCH_SIGNALLING | |
| ibm_voice_gateway_rtp_encryption_mode | no | string | This parameter was introduced in version 7.9.0 The RTP encryption mode for communication with IBM Voice Gateway. If not set, this will use the value of default_rtp_encryption_mode. Valid options are: NONE, OPTIONAL, MANDATORY, MATCH_SIGNALLING | |
| ibm_voice_gateway_rtp_encryption_mode | no | string | NONE | This parameter was introduced in version 7.9.0 The RTP encryption mode for record calls (e.g. SIPREC) Valid options are: NONE, MANDATORY |
| secure_logging | no | boolean | false | This parameter was introduced in version 7.9.0 Enables secure tracing and logging to ensure no customer DTMF information is logged |
| secure_logging_audio | no | boolean | false | This parameter was introduced in version 7.17.1 Enables secure logging of audio URIs |
| skip_redaction_on_fetch_failure | no | boolean | false | This parameter was introduced in version 7.26.0 If true, this will not redact URIs when logging a fetch failure |
| secure_logging_application | no | boolean | false | This parameter was introduced in version 7.26.0 Redacts application logging (e.g. <log> tags) |