[sr-dev] [kamailio/kamailio] fix TLS client config selection based on dst ip and port (#842)
sergey-vb
notifications at github.com
Thu Nov 3 10:02:51 CET 2016
It is interesting but not easy solution.
Because tls_lookup_cfg accepting only one ip and port...
Another solution can be in [MANAGE_BRANCH] route add next check condition:
```
if ($rP == "TLS") {
$xavp(tls=>server_name) = $rd + ":" + $rp;
$xavp(tls=>server_id) = $rd + ":" + $rp;
}
```
and in tls.cfg:
```
[client:10.1.23.19:5061]
verify_certificate = yes
ca_list = /etc/kamailio/CAs/ca1.pem
private_key = /etc/kamailio/CAs/client1.key
server_name = 10.1.23.19:5061
server_id = 10.1.23.19:5061
```
It works too.
After location check i have ruri like 9098 at 10.1.23.19:5061;transport=TLS
May bee this is the simplest solution...
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/842#issuecomment-258091140
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20161103/ee5cd9e4/attachment.html>
More information about the sr-dev
mailing list