[Serusers] SER with TLS
Jan Janak
jan at iptel.org
Tue Apr 3 10:45:05 CEST 2007
Katty Xiong wrote:
> I am using SER ottendorf with TLS protocol and have
> the following issues. Does anybody experience similar
> problems?
>
> SER cannot run with the following setup in the
> configuration file: (I follow this link to setup key
> and certificate:
> http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)
>
> modparam("tls", "private_key", "cakey.pem")
> modparam("tls", "certificate", "cacert.pem")
> modparam("tls", "ca_list", "calist.pem")
> modparam("tls", "cipher_list", "HIGH");
You don't need that option unless you want to restrict thee
list of ciphers that are available. openssl uses all available
ciphers by default.
> With the last line commented out:
> #modparam("tls", "cipher_list", "HIGH");
> SER can start, but the tls connection cannot be
> established. Network trace shows SER does not responde
> to ClientHello sent by client.
A couple of quick questions:
- Have you configured SER to listen on tls using listen parameter?
- Are you connecting to the right port (i.e. 5061 and not 5060) ?
Jan.
More information about the sr-users
mailing list