[Serusers] Please help for configuration TLS in Fedora Core5

Greger V. Teigre greger at teigre.com
Fri Sep 8 10:22:22 CEST 2006 

Ferianto,
You are very polite and that is good. But it is considered bad manners 
to cross-post to multiple lists like you do. If you have a openser user 
question (like below), use users at openser.org. Don't post to the serusers 
list and don't post to the developer list of openser.
g-)

Ferianto siregar wrote:
> Dear all,
>
> I would like to say thanks to all of you for your kind-hearted read my 
> message. Thank you very much.
> All, I need you help now.Please..
>  Now, I tried to build openser with TLS in Fedora Core 5. Before, I 
> use Redhat 9 and the openser installation can be build successfully.( 
> I can make a call with  TLS support)
> But, Why when I tried to install it in Fedora Core 5, the openser can 
> not run?(there is no pid for openser)
> But, When I erase the TLS configuration (TLS script for enable the 
> TLS) in openser.cfg, the openser can run successfully.(There is a pid).
> So, in my opinion, the TLS Script in openser.cfg is error.
> But, I need this script to make secure openser server (openser with 
> TLS support).
>
> What should I do? I do hope anybody can give a suggestion. Please help 
> me...Please..
>
> Thank you very much
>
> Regards,
>
>
> Ferianto
>
> Note:
> 1. This is the error message that I got when execute, # openser, command:
> 0(8715) DEBUG:socket2str: <udp:202.95.149.251:5060>
>  0(8715) DEBUG:socket2str: <tcp:202.95.149.251:5060>
>  0(8715) DEBUG:socket2str: <tls:202.95.149.251:5061>
> Listening on
>              udp: 202.95.149.251 [202.95.149.251]:5060
>              tcp: 202.95.149.251 [202.95.149.251]:5060
>              tls: 202.95.149.251 [202.95.149.251]:5061
> Aliases:
>              tls: sip:5061
>              tls: sip.pcr.ac.id:5061
>              tcp: sip:5060
>              tcp: sip.pcr.ac.id:5060
>              udp: sip:5060
>              udp: sip.pcr.ac.id:5060
>  
>  0(8715) fm_malloc_init: F_OPTIMIZE=16384, /ROUNDTO=2048
>  0(8715) fm_malloc_init: F_HASH_SIZE=2067, fm_block size=16560
>  0(8715) fm_malloc_init(0xb5fbb000, 33554432), start=0xb5fbb000
>  0(8715) shm_mem_init: success
>  0(8715) init_tcp: using epoll_lt as the io watch method (auto detected)
>  0(8715) init_tls: Entered
>  0(8715) WARNING:init_tls: disabling compression due ZLIB problems
>  0(8715) ERRRO:init_tls: null openssl compression methods
>  0(8715) could not initialize tls, exiting...
>  0(8715) DEBUG: tm_shutdown : start
>  0(8715) DEBUG: tm_shutdown : emptying hash table
>  0(8715) DEBUG: tm_shutdown : releasing timers
>  0(8715) DEBUG: tm_shutdown : removing semaphores
>  0(8715) DEBUG: tm_shutdown : destroying tmcb lists
>  0(8715) DEBUG: tm_shutdown : done
>  0(8715) destroy_tls: Entered
>  0(8715) shm_mem_destroy
>  0(8715) destroying the shared memory lock
>
> 2. This is the contain part of openser.cfg
>
> listen=202.95.149.250
> port=5060
> children=4
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> fifo="/tmp/openser_fifo" 
> fifo_db_url="mysql://openser:openserrw@localhost/openser"
> fifo_mode=0666
> alias="pcr.ac.id"
>  
> # uncomment the following lines for TLS support
> disable_tls = 0
> listen = tls:202.95.149.250:5061
> tls_verify_client = on
> tls_require_client_certificate = on
> tls_verify_server=on
> tls_method = TLSv1
> tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
> tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
> tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
>
> # ------------------ module loading ----------------------------------
>  # Uncomment this if you want to use SQL database loadmodule 
> "/usr/local/lib/openser/modules/mysql.so" loadmodule 
> "/usr/local/lib/openser/modules/sl.so" loadmodule 
> "/usr/local/lib/openser/modules/tm.so" loadmodule 
> "/usr/local/lib/openser/modules/rr.so" loadmodule 
> "/usr/local/lib/openser/modules/maxfwd.so" loadmodule 
> "/usr/local/lib/openser/modules/usrloc.so" loadmodule 
> "/usr/local/lib/openser/modules/registrar.so" loadmodule 
> "/usr/local/lib/openser/modules/auth.so" loadmodule 
> "/usr/local/lib/openser/modules/auth_db.so" loadmodule 
> "/usr/local/lib/openser/modules/uri.so" loadmodule 
> "/usr/local/lib/openser/modules/uri_db.so" loadmodule 
> "/usr/local/lib/openser/modules/mediaproxy.so" loadmodule 
> "/usr/local/lib/openser/modules/nathelper.so" loadmodule 
> "/usr/local/lib/openser/modules/textops.so" loadmodule 
> "/usr/local/lib/openser/modules/avpops.so" loadmodule 
> "/usr/local/lib/openser/modules/domain.so" loadmodule 
> "/usr/local/lib/openser/modules/permissions.so"
>
> ------------------------------------------------------------------------
> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great 
> rates starting at 1¢/min. 
> <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com> 
>
>
>  <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>  <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20060908/177d69f2/attachment.htm>

More information about the sr-users mailing list