[Serusers] SER with TLS

Katty Xiong cyyxiong at yahoo.com
Tue Apr 3 21:32:34 CEST 2007 


I compile SER using: gmake TLS_HOOKS=1. I can see
tls.so is generated in the tls directory. I follow the
link to generate certificate:
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)

thanks,
Joy

--- Atle Samuelsen <clona at cyberhouse.no> wrote:

> Hi,
> 
> Just out of quriousity or how you write it..
> 
> How did you compile ser? and hw did you make your
> certificates?
> 
> did you do : make install TLS=1 ? 
> 
> 
> - Atle
> 
> * Jan Janak <jan at iptel.org> [070403 19:34]:
> > Is there anything in syslog?
> > 
> >   Jan.
> > 
> > Katty Xiong wrote:
> > > 
> > > Yes. I configured SER to listen on tls using
> > > listen parameter.
> > > 
> > > listen=tls:199.199.2.50:5061
> > > 
> > > Actually from the system I can see TCP
> connection for
> > > this tls is established. But somehow the tls
> process
> > > does not responde to the ClientHello message.
> > > 
> > > thanks,
> > > Joy
> > > 
> > > 
> > > --- Jan Janak <jan at iptel.org> wrote:
> > > 
> > >> Katty Xiong wrote:
> > >>> I am using SER ottendorf with TLS protocol and
> > >> have
> > >>> the following issues. Does anybody experience
> > >> similar
> > >>> problems? 
> > >>>
> > >>> SER cannot run with the following setup in the
> > >>> configuration file: (I follow this link to
> setup
> > >> key
> > >>> and certificate:
> > >>>
> > >
>
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)
> > >>> modparam("tls", "private_key", "cakey.pem")
> > >>> modparam("tls", "certificate", "cacert.pem")
> > >>> modparam("tls", "ca_list", "calist.pem") 
> > >>> modparam("tls", "cipher_list", "HIGH");
> > >>   You don't need that option unless you want to
> > >> restrict thee
> > >>   list of ciphers that are available. openssl
> uses
> > >> all available
> > >>   ciphers by default.
> > >>
> > >>> With the last line commented out:
> > >>> #modparam("tls", "cipher_list", "HIGH");
> > >>> SER can start, but the tls connection cannot
> be
> > >>> established. Network trace shows SER does not
> > >> responde
> > >>> to ClientHello sent by client.
> > >>   A couple of quick questions:
> > >>
> > >>   - Have you configured SER to listen on tls
> using
> > >> listen parameter?
> > >>   - Are you connecting to the right port (i.e.
> 5061
> > >> and not 5060) ?
> > >>
> > >>     Jan.
> > >>
> > > 
> > > 
> > > 
> > >  
> > >
>
____________________________________________________________________________________
> > > Finding fabulous fares is fun.  
> > > Let Yahoo! FareChase search your favorite travel
> sites to find flight and hotel bargains.
> > >
> http://farechase.yahoo.com/promo-generic-14795097
> > > 
> > 
> > _______________________________________________
> > Serusers mailing list
> > Serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
> 



 
____________________________________________________________________________________
Looking for earth-friendly autos? 
Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center.
http://autos.yahoo.com/green_center/

More information about the sr-users mailing list