That's fine as long as it is possible to connect via TLS and exchange voice/text.
The linked tutorial, as I understand, was written by Kamailio developer and it should be trustworthy.
Is there anything else that I could miss? It sounded so easy in that tutorial, but on practice nothing but TCP works.

On 02/16/2014 03:03 AM, Olle E. Johansson wrote:

On 16 Feb 2014, at 03:22, info@vintageelectronics.ca wrote:

I was going by this tutorial - it said that default certs should suffice: http://kb.asipto.com/kamailio:skype-like-service-in-less-than-one-hour

On 02/15/2014 07:34 PM, Corey Edwards wrote:

On Fri, Feb 14, 2014 at 7:35 PM, <info@vintageelectronics.ca> wrote:

Testing in the same box for now with the goal to at least get it working within one machine.
Do you mean that TLS will not work with the cert/key shipped with kamailio?

I've never tried. A default key would not be very secure, but if you have a valid certificate and key it should work.

The default certificates are self-signed. A client may not recognize these as trustworthy, policy may claim that only certificates signed by a well-known CA that the client has root certificates for is trusted, so the TLS connection will not be completed.

If the client sets up a TLS connection anyway, that's fine. There will be encryption, but no authentication. The client should not show any lock in this case or in any way indicate a "secure" connection to the server. The connection should not be trusted for exchange of media encryption keys or any other confidential data.

/O

--

* Olle E. Johansson - oej@edvina.net
* Kamailio & SIP Masterclass Miami FL, Oxford UK and Malaga, Spain this spring!

* http://edvina.net/training/
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users