I knowed that you can have TLS connection between UA and other Proxy Servers, but I didn't know that Kamailio supports it, thanks for your comment. So maybe Paulos's problem is that his Client is not trying to REGISTER to the correct port (5061) of his Kamailio.
----- Mensaje original ----- De: Klaus Darilion klaus.mailinglists@pernau.at Fecha: Viernes, Octubre 24, 2008 12:45 pm Asunto: Re: [Kamailio-Users] kamailio with tls
(cc'ed to the mailinglist)
ingdavidcespedes@cable.net.co schrieb:
Enable TLS in Kamailio is only for connection between other Kamailio (SIP Proxy Servers), it doesn't have anything to do with UA, or
am I
wrong? . As I understand, you can not implement TLS between UA's and Kamailio.
Of course you can. If the SIP client supports TLS you can also use TLS between UA and Kamailio - no problem.
I use it with eyebeam clients and SNOM phones. Also pjsip supports TLS, for example you can test it using QjSimple. http://www.ipcom.at/index.php?id=560
regards klaus
----- Mensaje original ----- De: Klaus Darilion klaus.mailinglists@pernau.at Fecha: Viernes, Octubre 24, 2008
11:04> am Asunto: Re: [Kamailio-Users] kamailio with tls
paulo leonardo schrieb:
Hi,
I would like a litle help :D!
I installed kamailio and everything is ok :D! But i want to use
TLS, but
when i setup TLS in kamailio, don't work the REGISTER (i can't
register
my sofphone ...). And i compliled kamilio with TLS!!! when i
comment the
cofigurantion TLS and use port 5060 works!
So, "what" does not work?
- Does Kamailio start (ps -Alf|grep kamailio)? - Does K listen to
the specified TLS socket (netstat -anp|grep kama)? - which client do you use? - is a TCP connection set up? - is a TLS handshake happening (ssldump)? - what is in the logfile of Kamailio? .....
Your error description is to short!
regards klaus
below is my configuration
----------------------------------------- disable_tls = no listen = tls:192.168.170.101:5061 http://192.168.170.101:5061 tls_verify_server = 1 tls_verify_client = 1 tls_require_client_certificate = 1 tls_method = TLSv1 tls_certificate = "/usr/local/etc/kamailio/tls/user/user-cert.pem" tls_private_key = "/usr/local/etc/kamailio/tls/user/user-
privkey.pem"> tls_ca_list
if (!www_authorize("192.168.170.101 http://192.168.170.101", "subscriber")) { www_challenge("192.168.170.101
http://192.168.170.101", "0");
exit; }
root@pst:/usr/local/etc/kamailio# ls -R tls/ tls/: ca.conf README request.conf rootCA user user.conf
tls/rootCA: cacert.pem certs index.txt private serial
tls/rootCA/certs:
tls/rootCA/private: cakey.pem
tls/user: user-calist.pem user-cert.pem user-cert_req.pem user-privkey.pem
thanks!!!
--
_______________________________________________ Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing
list
Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
-
ingdavidcespedes@cable.net.co