
<div dir="ltr">Hi Henning,<div><br></div><div>It did reboot Kam, lol.</div><div><br></div><div>You didn't post parts of your custom tls.cfg settings to match with what rpc tls.options reports?</div><div><br></div><div>Cheers.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Mar 16, 2020 at 1:34 PM Henning Westerholt <<a href="mailto:hw@skalatan.de">hw@skalatan.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">


<div lang="DE">

<div class="gmail-m_4364358946676938465WordSection1">

<p class="MsoNormal"><span>Hi Sergio,<u></u><u></u></span></p>

<p class="MsoNormal"><span><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">strange, for me it looks ok:<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">kamcmd> root@dc-sbc:~# kamcmd |grep kamailio<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">root@dc-sbc:~# kamcmd tls.options |grep kamailio<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">        private_key: /etc/kamailio/cert.pem<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">        certificate: /etc/kamailio/cert.pem<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">        session_id: kamailio-tls-5.x.y<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">        config: /etc/kamailio/tls.cfg<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">root@dc-sbc:~# kamcmd core.version<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">kamailio 5.3.2 (x86_64/linux)<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">Probably stupid question, maybe the server needs a restart, if you changed something etc..?<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">Cheers,<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">Henning<u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">-- <u></u>

<u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">Henning Westerholt –

</span><span><a href="https://skalatan.de/blog/" target="_blank"><span lang="EN-GB" style="color:rgb(5,99,193)">https://skalatan.de/blog/</span></a></span><span lang="EN-GB"><u></u><u></u></span></p>

<p class="MsoNormal"><span lang="EN-GB">Kamailio services –

</span><span><a href="https://gilawa.com/" target="_blank"><span lang="EN-GB" style="color:rgb(5,99,193)">https://gilawa.com</span></a></span><span>

<span lang="EN-GB"><u></u><u></u></span></span></p>

<p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><b>From:</b> sr-users <<a href="mailto:sr-users-bounces@lists.kamailio.org" target="_blank">sr-users-bounces@lists.kamailio.org</a>>

<b>On Behalf Of </b>Sergiu Pojoga<br>

<b>Sent:</b> Saturday, March 14, 2020 6:49 PM<br>

<b>To:</b> Kamailio (SER) - Users Mailing List <<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a>><br>

<b>Subject:</b> [SR-Users] tls.options RPC reporting default settings<u></u><u></u></p>

<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>

<div>

<p class="MsoNormal" style="margin-left:35.4pt">Hi there,<u></u><u></u></p>

<div>

<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>

</div>

<div>

<p class="MsoNormal" style="margin-left:35.4pt">Having custom TLS config in tls.cfg, RPC `tls.options` seems to report default settings. Bug or intended?<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal" style="margin-left:35.4pt"><u></u> <u></u></p>

</div>

<div>

<p class="MsoNormal" style="margin-right:0cm;margin-bottom:12pt;margin-left:35.4pt">

root@kam:/# kamcmd version    <br>

kamailio 5.3.2 (x86_64/linux) 0bed10<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal" style="margin-left:35.4pt">root@kam:/# kamcmd tls.options<br>

{<br>

 force_run: 0<br>

 method: TLSv1<br>

 verify_certificate: 0<br>

 verify_depth: 9<br>

 require_certificate: 0<br>

 private_key: /usr/local/etc/kamailio/cert.pem<br>

 ca_list: <br>

 certificate: /usr/local/etc/kamailio/cert.pem<br>

 cipher_list: <br>

 session_cache: 0<br>

 session_id: kamailio-tls-5.x.y<br>

 config: /usr/local/etc/kamailio/tls.cfg<br>

...<br>

}<br>

<br>

modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")<u></u><u></u></p>

</div>

<div>

<p class="MsoNormal" style="margin-left:35.4pt"><br>

root@kam:/usr/local/etc/kamailio# cat tls.cfg<br>

[server:default]<br>

method = TLSv1.2+<br>

verify_certificate = yes<br>

require_certificate = yes<br>

private_key = /tmp/privkey.pem<br>

certificate = /tmp/fullchain.pem<br>

ca_list = /etc/ssl/certs/ca-certificates.crt<br>

<br>

[client:default]<br>

method = TLSv1.2+<br>

verify_certificate = yes<br>

require_certificate = yes<br>

private_key = /tmp/privkey.pem<br>

certificate = /tmp/fullchain.pem<br>

ca_list = /etc/ssl/certs/ca-certificates.crt<br>

<br>

Cheers.<u></u><u></u></p>

</div>

</div>

</div>

</div>


</blockquote></div>