Am 30.09.2010 21:20, schrieb Juha Heinanen:
Juha Heinanen writes:
i tried with command
ssldump -i any -k /etc/sip-proxy/certs/sip-proxy/key.pem tcp and port 5061
where /etc/sip-proxy/certs/sip-proxy/key.pem is the same file as specified as tls module private key:
modparam("tls", "private_key", "/etc/sip-proxy/certs/sip-proxy/key.pem")
nothing comes to console. i must have misunderstood the command. i also tried with -i eth0, but it didn't help.
i was able to figure out how do to it using wireshark. one needs to go to Preferences/Protocols/SSL and there add to RSA keys list:
<ip-of-sip-proxy>,5061,sip,/etc/certs/sip.mydomain.com/key.pem
then in Options specify 'port 5061'. after that, new ssl connections will be shown in clear.
i don't know why ssldump didn't work with the same key.pem file.
Just a note: this only works when non-DH ciphers are used. I added a wiki page: http://www.kamailio.org/dokuwiki/doku.php/tls:tls-decoding
regards Klaus