On Thu, Jul 10, 2003, Andrei Pelinescu-Onciul wrote:
No. stunnel is used for SSL-tunneling inetd daemons.
It won't work with
ser. sip proxies have to be able to open new connections (they can't be
run from inetd).
Even if you use it to re-inject the packets on another port (e.g. send
all the ssl stuff on tcp localhost:5060 via netcat) you will still not
have a tls sip server (any connections opened from ser side will still
be non-tls).
A TLS sip proxy should also support sips: uris.
I agree it would not be able to handle outgoing connections. Still,
this should allow TLS communication between the UA and its proxy
(especially REGISTER), correct me if I'm wrong.
BTW: what tls-enabled sip uac do you use?
I just tried connecting to my stunnel with Windows Messenger, but it
failed with almost no reason given. I will tried to see what happens
with tcpdump.
Thanks for your help,
--
Johan