[Serusers] SER with TLS
Jan Janak
jan at iptel.org
Tue Apr 3 19:33:47 CEST 2007
Is there anything in syslog?
Jan.
Katty Xiong wrote:
>
> Yes. I configured SER to listen on tls using
> listen parameter.
>
> listen=tls:199.199.2.50:5061
>
> Actually from the system I can see TCP connection for
> this tls is established. But somehow the tls process
> does not responde to the ClientHello message.
>
> thanks,
> Joy
>
>
> --- Jan Janak <jan at iptel.org> wrote:
>
>> Katty Xiong wrote:
>>> I am using SER ottendorf with TLS protocol and
>> have
>>> the following issues. Does anybody experience
>> similar
>>> problems?
>>>
>>> SER cannot run with the following setup in the
>>> configuration file: (I follow this link to setup
>> key
>>> and certificate:
>>>
> http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)
>>> modparam("tls", "private_key", "cakey.pem")
>>> modparam("tls", "certificate", "cacert.pem")
>>> modparam("tls", "ca_list", "calist.pem")
>>> modparam("tls", "cipher_list", "HIGH");
>> You don't need that option unless you want to
>> restrict thee
>> list of ciphers that are available. openssl uses
>> all available
>> ciphers by default.
>>
>>> With the last line commented out:
>>> #modparam("tls", "cipher_list", "HIGH");
>>> SER can start, but the tls connection cannot be
>>> established. Network trace shows SER does not
>> responde
>>> to ClientHello sent by client.
>> A couple of quick questions:
>>
>> - Have you configured SER to listen on tls using
>> listen parameter?
>> - Are you connecting to the right port (i.e. 5061
>> and not 5060) ?
>>
>> Jan.
>>
>
>
>
>
> ____________________________________________________________________________________
> Finding fabulous fares is fun.
> Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains.
> http://farechase.yahoo.com/promo-generic-14795097
>
More information about the sr-users
mailing list