[Users] openser with TLS

Joao Pereira joao.pereira at fccn.pt
Wed Mar 22 13:21:16 CET 2006


Hello to all
Im trying to put OpenSER to work with TLS.
I created the certificates, and configured openser.cfg. ("openser -c" 
shows no errors)
But when I start OpenSER, there are no errors, but the server doesn't start:
It says this (with debug level 4) :

Listening on
Aliases:
             *: mex.fccn.pt:*
             *: XXX.XXX.XXX.XXX:*

 0(22549) fm_malloc_init: F_OPTIMIZE=16384, /ROUNDTO=2048
 0(22549) fm_malloc_init: F_HASH_SIZE=2067, fm_block size=16548
 0(22549) fm_malloc_init(0xf4eb1000, 33554432), start=0xf4eb1000
 0(22549) shm_mem_init: success
 0(0) core dump limits set to 4294967295
 0(0) DEBUG: init_mod: postgres
postgres - initializing
 0(0) DEBUG: init_mod: sl_module
stateless - initializing
 0(0) DEBUG: register_fifo_cmd: new command (sl_stats) registered
 0(0) unixsock_register_cmd: New command (sl_stats) registered
 0(0) DEBUG: MD5 calculated: 1d0376a2244771bba12e9da5f03652d9
 0(0) DEBUG: init_mod: tm
 0(0) TM - (size of cell=2832, sip_msg=768) initializing...
 0(0) Call-ID initialization: '6efffbed'
 0(0) DEBUG: register_fifo_cmd: new command (t_uac_dlg) registered
 0(0) DEBUG: register_fifo_cmd: new command (t_uac_cancel) registered
 0(0) DEBUG: register_fifo_cmd: new command (t_hash) registered
 0(0) DEBUG: register_fifo_cmd: new command (t_reply) registered
 0(0) unixsock_register_cmd: New command (t_uac_dlg) registered
 0(0) unixsock_register_cmd: New command (t_uac_cancel) registered
 0(0) unixsock_register_cmd: New command (t_hash) registered
 0(0) unixsock_register_cmd: New command (t_reply) registered
[root at mex openser-1.0.1-tls]#  0(0) DEBUG: lock_initialize: lock 
initialization started
 0(0) DEBUG: register_fifo_cmd: new command (t_stats) registered
 0(0) unixsock_register_cmd: New command (t_stats) registered


and nothing happens... OpenSER isnt runnig :(
--------------------------------------------------------------------------------------------------------------

this is a part of my openser.cfg:

listen = tls:XXX.XXX.XXX.XXX

tls_port_no = 5062
tls_method=SSLv23

tls_certificate="/services/openser/openser-1.0.1-tls/tls/tools/rootCA/cacert.pem"
tls_private_key="/services/openser/openser-1.0.1-tls/tls/tools/rootCA/private/cakey.pem"
tls_ca_list="/services/openser/openser-1.0.1-tls/tls/tools/rootCA/certs/01.pem"

tls_ciphers_list="NULL-SHA:NULL-MD5:AES256-SHA:AES128-SHA"

tls_verify = 1
tls_require_certificate = 1
tls_handshake_timeout=119    # number of seconds
tls_send_timeout=121         # number of seconds


If you know whats the problem, please tell me :)
Thanks
Joao Pereira




More information about the sr-users mailing list