Hello again,
maybe you should add the following line to test your non-TLS UAs:
disable_tls = 0
listen = udp:10.30.100.41:5060 <---
listen = tls:10.30.100.41:5061
You can check your TLS handshake by simulating your server with openssl.
Please have a look at the following link that describes the TLS support:
http://www.openser.org/docs/tls.html
Best regards,
Steffen
2006/12/28, Ncheeku Baranov <opensersubscribe(a)gmail.com>om>:
Hi,
I am trying to make my non-TLS/TLS UA register with my TLS enabled openSER.
Currently I am just working on my local machine with the client UAs on the
same subnet,(so there is only one domain, but its not named). Below is my
configuration file:
disable_tls = 0
listen = tls:10.30.100.41:5061
tls_verify_server = 1
tls_verify_client = 0
tls_require_client_certificate = 0
tls_method = TLSv1
tls_certificate = "/usr/local/etc/openser/tls/user/user-
cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-
privkey.pem"
tls_ca_list =
"usr/local/etc/openser/tls/user/user-calist.pem"
However, with the above configuration the client UAs couldnot register and I
got 408 Request Time out Message. Is there any field that is missing to make
this simple scenario work? What should be the values of "tls_client_domain"
and "tls_server_domain" fields in this case?
I noticed that when I start the openSER without TLS support using
"openserctl start" and do "ps -e" after that, there are more openSER
processes running than if I start openSER with TLS support in which case I
see very few of these processes running.
Your help is much appreciated....
Best regards,
NCheeku
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users