Chapter 44
Configuring the TLS Proxy for Encrypted Voice Inspection
Configuring the TLS Proxy for Encrypted Voice Inspection
This section includes the following topics:
•
•
•
•
•
•
•
CTL Provider
Use the CTL Provider option to configure Certificate Trust List provider service.
The CTL Provider pane lets you define and configure Certificate Trust List provider service to enable
inspection of encrypted traffic.
Fields
•
•
•
•
•
•
Modes
The following table shows the modes in which this feature is available:
OL-20339-01
CAP-RTP-002
–
CAPF certificate (Optional)
–
If LSC provisioning is required or you have LSC enabled IP phones, you must import the CAPF
certificate from the Cisco UCM. If the Cisco UCM has more than one CAPF certificate, you
must import all of them to the adaptive security appliance.
See
Chapter 43, "Configuring the Cisco Phone
is required by the phone proxy to validate the IP phone certificate.
Configure TLS Proxy Pane, page 44-7
Adding a TLS Proxy Instance, page 44-8
Add TLS Proxy Instance Wizard – Server Configuration, page 44-9
Add TLS Proxy Instance Wizard – Client Configuration, page 44-10
Add TLS Proxy Instance Wizard – Other Steps, page 44-12
Edit TLS Proxy Instance – Server Configuration, page 44-12
Edit TLS Proxy Instance – Client Configuration, page 44-13
CTL Provider Name—Lists the CTL Provider name.
Client Details—Lists the name and IP address of the client.
Interface Name—Lists the defined interface name.
–
IP Address—Lists the defined interface IP address.
–
Certificate Name—Lists the certificate to be exported.
Add—Adds a CTL Provider.
Edit—Edits a CTL Provider.
Delete—Deletes a CTL Provider.
Configuring the TLS Proxy for Encrypted Voice Inspection
Proxy."For example, the CA Manufacturer certificate
Cisco ASA 5500 Series Configuration Guide using ASDM
44-5