[Serusers] Please help for configuration TLS in Fedora Core5
Greger V. Teigre
greger at teigre.com
Fri Sep 8 10:22:22 CEST 2006
Ferianto,
You are very polite and that is good. But it is considered bad manners
to cross-post to multiple lists like you do. If you have a openser user
question (like below), use users at openser.org. Don't post to the serusers
list and don't post to the developer list of openser.
g-)
Ferianto siregar wrote:
> Dear all,
>
> I would like to say thanks to all of you for your kind-hearted read my
> message. Thank you very much.
> All, I need you help now.Please..
> Now, I tried to build openser with TLS in Fedora Core 5. Before, I
> use Redhat 9 and the openser installation can be build successfully.(
> I can make a call with TLS support)
> But, Why when I tried to install it in Fedora Core 5, the openser can
> not run?(there is no pid for openser)
> But, When I erase the TLS configuration (TLS script for enable the
> TLS) in openser.cfg, the openser can run successfully.(There is a pid).
> So, in my opinion, the TLS Script in openser.cfg is error.
> But, I need this script to make secure openser server (openser with
> TLS support).
>
> What should I do? I do hope anybody can give a suggestion. Please help
> me...Please..
>
> Thank you very much
>
> Regards,
>
>
> Ferianto
>
> Note:
> 1. This is the error message that I got when execute, # openser, command:
> 0(8715) DEBUG:socket2str: <udp:202.95.149.251:5060>
> 0(8715) DEBUG:socket2str: <tcp:202.95.149.251:5060>
> 0(8715) DEBUG:socket2str: <tls:202.95.149.251:5061>
> Listening on
> udp: 202.95.149.251 [202.95.149.251]:5060
> tcp: 202.95.149.251 [202.95.149.251]:5060
> tls: 202.95.149.251 [202.95.149.251]:5061
> Aliases:
> tls: sip:5061
> tls: sip.pcr.ac.id:5061
> tcp: sip:5060
> tcp: sip.pcr.ac.id:5060
> udp: sip:5060
> udp: sip.pcr.ac.id:5060
>
> 0(8715) fm_malloc_init: F_OPTIMIZE=16384, /ROUNDTO=2048
> 0(8715) fm_malloc_init: F_HASH_SIZE=2067, fm_block size=16560
> 0(8715) fm_malloc_init(0xb5fbb000, 33554432), start=0xb5fbb000
> 0(8715) shm_mem_init: success
> 0(8715) init_tcp: using epoll_lt as the io watch method (auto detected)
> 0(8715) init_tls: Entered
> 0(8715) WARNING:init_tls: disabling compression due ZLIB problems
> 0(8715) ERRRO:init_tls: null openssl compression methods
> 0(8715) could not initialize tls, exiting...
> 0(8715) DEBUG: tm_shutdown : start
> 0(8715) DEBUG: tm_shutdown : emptying hash table
> 0(8715) DEBUG: tm_shutdown : releasing timers
> 0(8715) DEBUG: tm_shutdown : removing semaphores
> 0(8715) DEBUG: tm_shutdown : destroying tmcb lists
> 0(8715) DEBUG: tm_shutdown : done
> 0(8715) destroy_tls: Entered
> 0(8715) shm_mem_destroy
> 0(8715) destroying the shared memory lock
>
> 2. This is the contain part of openser.cfg
>
> listen=202.95.149.250
> port=5060
> children=4
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> fifo="/tmp/openser_fifo"
> fifo_db_url="mysql://openser:openserrw@localhost/openser"
> fifo_mode=0666
> alias="pcr.ac.id"
>
> # uncomment the following lines for TLS support
> disable_tls = 0
> listen = tls:202.95.149.250:5061
> tls_verify_client = on
> tls_require_client_certificate = on
> tls_verify_server=on
> tls_method = TLSv1
> tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
> tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
> tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
>
> # ------------------ module loading ----------------------------------
> # Uncomment this if you want to use SQL database loadmodule
> "/usr/local/lib/openser/modules/mysql.so" loadmodule
> "/usr/local/lib/openser/modules/sl.so" loadmodule
> "/usr/local/lib/openser/modules/tm.so" loadmodule
> "/usr/local/lib/openser/modules/rr.so" loadmodule
> "/usr/local/lib/openser/modules/maxfwd.so" loadmodule
> "/usr/local/lib/openser/modules/usrloc.so" loadmodule
> "/usr/local/lib/openser/modules/registrar.so" loadmodule
> "/usr/local/lib/openser/modules/auth.so" loadmodule
> "/usr/local/lib/openser/modules/auth_db.so" loadmodule
> "/usr/local/lib/openser/modules/uri.so" loadmodule
> "/usr/local/lib/openser/modules/uri_db.so" loadmodule
> "/usr/local/lib/openser/modules/mediaproxy.so" loadmodule
> "/usr/local/lib/openser/modules/nathelper.so" loadmodule
> "/usr/local/lib/openser/modules/textops.so" loadmodule
> "/usr/local/lib/openser/modules/avpops.so" loadmodule
> "/usr/local/lib/openser/modules/domain.so" loadmodule
> "/usr/local/lib/openser/modules/permissions.so"
>
> ------------------------------------------------------------------------
> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great
> rates starting at 1¢/min.
> <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com>
>
>
> <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
> <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20060908/177d69f2/attachment.htm>
More information about the sr-users
mailing list