Katty Xiong wrote:
I am using SER ottendorf with TLS protocol and have the following issues. Does anybody experience similar problems?
SER cannot run with the following setup in the configuration file: (I follow this link to setup key and certificate: http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?...)
modparam("tls", "private_key", "cakey.pem") modparam("tls", "certificate", "cacert.pem") modparam("tls", "ca_list", "calist.pem") modparam("tls", "cipher_list", "HIGH");
You don't need that option unless you want to restrict thee list of ciphers that are available. openssl uses all available ciphers by default.
With the last line commented out: #modparam("tls", "cipher_list", "HIGH"); SER can start, but the tls connection cannot be established. Network trace shows SER does not responde to ClientHello sent by client.
A couple of quick questions:
- Have you configured SER to listen on tls using listen parameter? - Are you connecting to the right port (i.e. 5061 and not 5060) ?
Jan.