Administrator’s Guide for W80 DECT IP Multi-Cell System
112
Topics
Supported Cipher Suites
Supported Trusted and Server Certificates
TLS Configuration
Supported Cipher Suites
A cipher suite is a named combination of authentication, encryption, and message authentication code (MAC)
algorithms used to negotiate the security settings for a network connection using the TLS/SSL network protocol.
Yealink phones support the following cipher suites:
l
DHE-RSA-AES256-SHA
l
DHE-DSS-AES256-SHA
l
AES256-SHA
l
EDH-RSA-DES-CBC3-SHA
l
EDH-DSS-DES-CBC3-SHA
l
DES-CBC3-SHA
l
DES-CBC3-MD5
l
DHE-RSA-AES128-SHA
l
DHE-DSS-AES128-SHA
l
AES128-SHA
l
RC2-CBC-MD5
l
IDEA-CBC-SHA
l
DHE-DSS-RC4-SHA
l
RC4-SHA
l
RC4-MD5
l
RC4-64-MD5
l
EXP1024-DHE-DSS-DES-CBC-SHA
l
EXP1024-DES-CBC-SHA
l
EDH-RSA-DES-CBC-SHA
l
EDH-DSS-DES-CBC-SHA
l
DES-CBC-SHA
l
DES-CBC-MD5
l
EXP1024-DHE-DSS-RC4-SHA
l
EXP1024-RC4-SHA
l
EXP1024-RC4-MD5
l
EXP-EDH-RSA-DES-CBC-SHA
l
EXP-EDH-DSS-DES-CBC-SHA
l
EXP-DES-CBC-SHA
l
EXP-RC2-CBC-MD5
l
EXP-RC4-MD5
Supported Trusted and Server Certificates
The IP phone can serve as a TLS client or a TLS server. In the TLS feature, we use the terms trusted and server cer-
tificate. These are also known as CA and device certificates.
The TLS requires the following security certificates to perform the TLS handshake:
l
Trusted Certificate
: When the IP phone requests a TLS connection with a server, the phone should verify the
certificate sent by the server to decide whether it is trusted based on the trusted certificates list. You can upload
10 custom certificates at most. The format of the trusted certificate files must be *.pem, *.cer, *.crt and *.der and
the maximum file size is 5MB.