Manage Security Level in MX-ONE

New TLS cipher sets are introduced in 7.3 SP1, which is controlled by /etc/opt/eri_sn/ip_telephony.conf.

Any system that needs to be upgraded from earlier version to 7.3 SP1, should follow the following procedure to overwrite older TLS cipher sets in the system:

1. Enter the command: sudo -H /opt/mxone_install/bin/mxone_maintenance. The following screen appears.

   

2. Select Certificate to manage Certificates and TLS settings in MX-ONE. Click OK. The following screen appears.

   

3. Choose mxone-secLevel option to manage security level in MX-ONE. Click OK. The following screen appears.

   

4. Choose mxone-secLevel option to manage security level in MX-ONE. Click OK. The following screen appears.

5. By default, configure-secLevel is selected to configure MX-ONE Security level. Click OK. The following screen appears.

   

6. Click Yes to configure security level in the complete system, click No to configure security level on selected server(s).

7. Tap the spacebar to select the specified server and click OK. The following screen appears.

   

8. Change Security level to other level than current level (for example: system configured with High, change it to 'Medium') and click OK. The following screen appears.

   

   Similarly, you need to change the security level back again (Medium to High) and click OK to complete the security level settings activity.

9. Reload TLS related program unit: SIPLP, CSTServer, ConfigServer.