7 Jan
2013
7 Jan
'13
4:30 p.m.
It depends on what you want to configure.
If the softswitch shall be authenticated by TLS then of course you have
to set "require_certificate=yes".
Further, find out why the handshake fails. Use tcpdump/wireshark to find
out who sends the SSL alert. It seems the softswitch sends the alert:
thus make sure that the softswitch is configured with the correct
certificate and also provide the softswitch with the CA certificate (or
the self-signed certificate) of Kamailio's certificate.
See also:
http://www.kamailio.org/dokuwiki/doku.php/troubleshooting:tls
http://www.kamailio.org/wiki/tutorials/tls/testing-and-debugging
regards
Klaus
On 04.01.2013 18:30, Iurii Andamasov wrote:
other side is softswitch, not an softphone,
other side also use selfsigned certificate
should i set
require_certificate = no
?
On 04.01.2013, at 14:49, Daniel-Constantin Mierla <miconda(a)gmail.com
<mailto:miconda@gmail.com>> wrote:
Hello,
is the sip phone presenting a certificate? You require that in the
server part of tls.cfg.
Cheers,
Daniel
On 1/4/13 10:44 AM, Iurii Andamasov wrote:
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hello,
trying setup kamailio with TLS, have 2 peers,
tls.cfg:
http://pastebin.com/DvdDzx0v
i'm getting
Jan 4 10:38:43 fs-tls /usr/sbin/kamailio[3798]: ERROR: tls
[tls_server.c:1190]: TLS read:error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
Can someone point me to solution?
Thanks
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla -http://www.asipto.com
http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda