Overview
You wish to use TLS to communicate between us and your PBX/Trunk.
This is a supported feature of our system, however there are specific requirements around both the certificate and TLS protocol used for successful integration:
- Certificate type must be a PKI certificates (issued by a recognized certificate authority - not self-signed).
- We use the Mozilla Foundation trusted CA list. Further information and a comprehensive list of certificates are available here.
- The certificate must be served directly. (served by the PBX/Trunk not merely trusted by the PBX/Trunk)
- You must support TLS v1.2 or above.
You can check your SSL status using an online tool such as the one available here: https://decoder.link/sslchecker
- If you have a firewall you will need to allow access.
- Using the above tool, ensure all sections have a green tick.
If you are using DNS A Records in the realm or proxy field without any SRV records then by default we will attempt to communicate for TLS using the standard secure SIP port of 5061. You can amend this by including a port in the proxy field.