A customer side security check of the current 3.1.0 UVC_Platform Clearsea WAN interface results in the vulnerability of the server.
- only a self sign cert is provided on tcp 443 / https
- this cert on 443 can´t be changed with an own public cert!!! only web-gui on tcp 8181 can
LSSupport: "Currently it is not possible to configure own SSL-certificates for tcp/443 ports (https:// ->ClientDownload, guestcall/usercall webinterface)
This option is only available for the admin interface (tcp/8181)"
- also a weak cert with a key length of 1024bit is used
- also a very weak sign algorithm is used: MD5
- RC4 cipher will be used, that stand for not secure anymore
Please reply, which points of this imputation you can confirm!
If so, then on several deployments I have to disable port tcp 443 on UVC Clearsea WAN interface, immediately.
But here comes the point:
How can I do this? (I think only with a pre-firewall)
If I do so - is UVC Clearsea Client provisioning for external users not available anymore?