In order to setup a SIP TLS connection in scenarios where the server requests a client certificate, the base must be configured with a pre-loaded TLS client certificate and key.

How to load the client certificate:

  • Step 1:


    After clicking on Security, click on the "Choose Files" button under "Import SIP Client Certificate Key Pair"

  • Step 2:

Select both key and certificate


  • Step 3:

    Click on the Load button

  • Step 4:

Your certificate should be listed into the certificate list

Certificate format:

The certificate must be provided as a DER encoded binary X.509 (.cer) file, and the key must be provided as an unencrypted PKCS#8 binary file.


If you need to convert a certificate in DER format you can use the OpenSSL command:

1 | openssl x509 -in certificate.crt -outform DER -out certificate-DER.cer


If you need to convert the private key into the unencrypted PKCS#8 format you can use the OpenSSL command:

1 | openssl pkcs8 -topk8 -inform PEM -in certificate-key.key -outform DER -out certificate-key-DER-PKCS8.key -nocrypt