If the SIP traffic is routed via port 5060 it is not TLS.
Only if you see TCP traffic on port 5061 TLS is used.
Try use t_relay_to_tcp (or the new t_relay syntax if you use CVS head)
regards klaus
Joao Pereira wrote:
Hello I did ngrep and all the traffic is passing through port 5060 from serverA to serverB. In witch port should the certification negotiation be done? 5060 or 5061 ?
Thats my configuration of the 2 servers aaa.aaa.aaa.aaa = IP of openserA bbb.bbb.bbb.bbb=IP of openserB
openserA----------------------------------------- port=5060 listen = aaa.aaa.aaa.aaa:5060 alias=aaa.aaa.aaa.aaa
disable_tls = 0 listen = tls:aaa.aaa.aaa.aaa:5061 tls_verify = 1 tls_require_certificate = 1 tls_method = TLSv1
openserB----------------------------------------- port=5060 listen = bbb.bbb.bbb.bbb:5060 alias=bbb.bbb.bbb.bbb disable_tls = 0 listen = tls:bbb.bbb.bbb.bbb:5061 tls_verify = 1 tls_require_certificate = 1 tls_method = TLSv1
Thanks Joao
Klaus Darilion wrote:
ssldump
or
ngrep port 5061
regards klaus
Joao Pereira wrote:
Hello to all I have 2 OpenSERs working with TLS. They both have registered clients (X-Lite). How can I be sure that they are exchanging the certificates when one call goes from serverA to serverB ? Is there any debug where we can see it happening?
Thanks Joao
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users