[Serusers] SER with TLS

Katty Xiong cyyxiong at yahoo.com
Tue Apr 3 18:52:21 CEST 2007



Yes. I configured SER to listen on tls using
listen parameter.

listen=tls:199.199.2.50:5061

Actually from the system I can see TCP connection for
this tls is established. But somehow the tls process
does not responde to the ClientHello message.

thanks,
Joy


--- Jan Janak <jan at iptel.org> wrote:

> Katty Xiong wrote:
> > I am using SER ottendorf with TLS protocol and
> have
> > the following issues. Does anybody experience
> similar
> > problems? 
> > 
> > SER cannot run with the following setup in the
> > configuration file: (I follow this link to setup
> key
> > and certificate:
> >
>
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)
> > 
> > modparam("tls", "private_key", "cakey.pem")
> > modparam("tls", "certificate", "cacert.pem")
> > modparam("tls", "ca_list", "calist.pem") 
> > modparam("tls", "cipher_list", "HIGH");
> 
>   You don't need that option unless you want to
> restrict thee
>   list of ciphers that are available. openssl uses
> all available
>   ciphers by default.
> 
> > With the last line commented out:
> > #modparam("tls", "cipher_list", "HIGH");
> > SER can start, but the tls connection cannot be
> > established. Network trace shows SER does not
> responde
> > to ClientHello sent by client.
> 
>   A couple of quick questions:
> 
>   - Have you configured SER to listen on tls using
> listen parameter?
>   - Are you connecting to the right port (i.e. 5061
> and not 5060) ?
> 
>     Jan.
> 



 
____________________________________________________________________________________
Finding fabulous fares is fun.  
Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains.
http://farechase.yahoo.com/promo-generic-14795097



More information about the sr-users mailing list