On Sep 30, 2010 at 18:27, Juha Heinanen jh@tutpro.com wrote:
now that 3.1 has async tls support, i decided (first time ever) to try to test tls. things went quite smoothly when i followed "Create Certificates to be used with Kamailio" document
http://kamailio.org/dokuwiki/doku.php/tls:create-certificates#using_the_cert...
during the process, i fixed a typo in the doc, added two comments to cfg part:
enable_tls=1 tcp_async=no # do not include in 3.1 listen=udp:0.0.0.0:5060 listen=tcp:0.0.0.0:5060
^^^^^^^^ it should not be 0.0.0.0 but an actual IP. If you use 0.0.0.0 you _must_ set adevertised_adress or you will have some strange Vias && RRs.
listen=tls:0.0.0.0:5061 # not needed in 3.1
^^^^^^^^^^^^^^^^ - it's optional only if you have another listen which does not specify the protocol (e.g. listen=10.0.0.2:5060 or listen=10.0.0.2). In this case ser will listen on all protocols on the default port). I This is true also for 3.0 and at least for all ser versions.
In general I use http://sip-router.org/docbook/sip-router/branch/master/modules/tls/tls.html#... as a quick setup reminder.
Andrei