Hi Peter!
Thanks for sharing your code. For which version of ser are these extensions? 0.8.12? 0.8.14? 0.9.0?
As I'm new to TLS, can you give some hints on how to test TLS? Which SIP user agents can be used to test TLS?
regards, klaus
Peter Griffiths wrote:
hello --
some time ago i extended ser to support tls, basically i implemented functions needed by the existing tls api. i polished the code a bit and i am giving it away freely. there are still some things to fix, but it mostly works.
to use the code, copy tls directory into your ser tree and optionally patch cfg.lex and cfg.y, then recompile ser with TLS=on.
if you also patch cfg.lex and cfg.y then you can use extended cfg syntax and specify different keys and certificates for different listen sockets. this is similar to apache virtual servers with ssl. without the patches you can only use the default configuration directives.
to iptel: would be great to have it in cvs, what do you think ?
-- peter
example ser.cfg:
listen=tls:127.0.0.1:5061 listen=tls:127.0.0.1:5062
# defaults for outgoing tls connections tls_certificate="default.crt" tls_private_key = "default.key"
# domain1.com tls_domain[127.0.0.1:5061] { tls_certificate="domain1.crt" tls_private_key = "domain1.key" tls_method = sslv2 }
# domain2.com tls_domain[127.0.0.1:5062] { tls_certificate="domain2.crt" tls_private_key="domain2.key" }
__________________________________ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers