Am 13.09.2010 11:10, schrieb peter_green lion:
enable_tls=1 tcp_async=no
listen=tls:192.168.1.81:5060
The default is for TLS is port 5061.
modparam("tls", "tls_method", "TLSv1") modparam("tls", "tls_method", "SSLv23")
You can not use TLS and SSL - only on e or the other. SIP is standardized with TLSv1. Thus you should remove SSLv23 unless you explicitely know that the client can not handle TLSv1 (then the client would be buggy)
modparam("tls", "certificate", "ser1_cert.pem") modparam("tls", "private_key", "privkey.pem") modparam("tls", "ca_list", "cacert.pem") modparam("tls", "verify_certificate", 1)
modparam("tls", "require_certificate", 1)
Here is the problem: You have configured Kamailio to require a client certificate. Usually the SIP client does not have a TLS client certificate, thus Kamailio will terminate the TLS connection with handshake error. Set modparam("tls", "require_certificate", 0) and at least it should work with the "openssl s_client" tool.
regards Klaus