Vitelity SIP Security Notification
-
Just received this from Vitelity:
Dear Vitelity Customer,
Vitelity Engineering will be applying changes to our customer facing systems to improve our overall security. We feel this is an important step to ensure your communications with Vitelity remain secure.
As of Saturday, April 9, 2016 at noon MDT we will be applying changes to our security certificates that may affect some older systems and browsers that utilize our web services and APIs. While we expect the impact to be minimal, we want to ensure we provide our valued customers with notice to ensure their systems will not be affected.
We are increasing the strength of our certificate signing algorithm to a SHA2-signed certificate. We are also disabling SSLv2 and SSLv3 on all of our sites in response to recent vulnerabilities exposed in that encryption method. All connections will use TLS, and we will default to TLS 1.2 and degrade to older versions of TLS for older machines.
As long as you are using reasonably modern browsers, this will not affect your browser experience to our portal or commerce sites. It may, however, affect applications using older versions of SSL client libraries.
For those of you running applications that use SSL to connect to our API, we have provided a test API connection at:
https://testcert.vitelity.net/
Upon a successful connection to this server, you will see a plain text message reading "Congratulations! You have successfully connected to the testcert server." In most cases where a certificate error is given, updating your SSL libraries to a newer version (typically openssl) will allow your client to connect.
If there are any questions, comments or concerns about the new method, contact us at [email protected] using the subject "SHA2".
Thank you,
John Hanna
EVP & GM Vitelity -
Will this effect SIP trunks?
-
-
@JaredBusch said:
@coliver said:
Will this effect SIP trunks?
No, because SIP does not use encryption by default.
Thanks!
-
This is just for their web API. Not directly related to calls.
