[Serusers] SER with TLS
Katty Xiong
cyyxiong at yahoo.com
Tue Apr 3 21:32:34 CEST 2007
I compile SER using: gmake TLS_HOOKS=1. I can see
tls.so is generated in the tls directory. I follow the
link to generate certificate:
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)
thanks,
Joy
--- Atle Samuelsen <clona at cyberhouse.no> wrote:
> Hi,
>
> Just out of quriousity or how you write it..
>
> How did you compile ser? and hw did you make your
> certificates?
>
> did you do : make install TLS=1 ?
>
>
> - Atle
>
> * Jan Janak <jan at iptel.org> [070403 19:34]:
> > Is there anything in syslog?
> >
> > Jan.
> >
> > Katty Xiong wrote:
> > >
> > > Yes. I configured SER to listen on tls using
> > > listen parameter.
> > >
> > > listen=tls:199.199.2.50:5061
> > >
> > > Actually from the system I can see TCP
> connection for
> > > this tls is established. But somehow the tls
> process
> > > does not responde to the ClientHello message.
> > >
> > > thanks,
> > > Joy
> > >
> > >
> > > --- Jan Janak <jan at iptel.org> wrote:
> > >
> > >> Katty Xiong wrote:
> > >>> I am using SER ottendorf with TLS protocol and
> > >> have
> > >>> the following issues. Does anybody experience
> > >> similar
> > >>> problems?
> > >>>
> > >>> SER cannot run with the following setup in the
> > >>> configuration file: (I follow this link to
> setup
> > >> key
> > >>> and certificate:
> > >>>
> > >
>
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?rev=1.1&content-type=text/plain)
> > >>> modparam("tls", "private_key", "cakey.pem")
> > >>> modparam("tls", "certificate", "cacert.pem")
> > >>> modparam("tls", "ca_list", "calist.pem")
> > >>> modparam("tls", "cipher_list", "HIGH");
> > >> You don't need that option unless you want to
> > >> restrict thee
> > >> list of ciphers that are available. openssl
> uses
> > >> all available
> > >> ciphers by default.
> > >>
> > >>> With the last line commented out:
> > >>> #modparam("tls", "cipher_list", "HIGH");
> > >>> SER can start, but the tls connection cannot
> be
> > >>> established. Network trace shows SER does not
> > >> responde
> > >>> to ClientHello sent by client.
> > >> A couple of quick questions:
> > >>
> > >> - Have you configured SER to listen on tls
> using
> > >> listen parameter?
> > >> - Are you connecting to the right port (i.e.
> 5061
> > >> and not 5060) ?
> > >>
> > >> Jan.
> > >>
> > >
> > >
> > >
> > >
> > >
>
____________________________________________________________________________________
> > > Finding fabulous fares is fun.
> > > Let Yahoo! FareChase search your favorite travel
> sites to find flight and hotel bargains.
> > >
> http://farechase.yahoo.com/promo-generic-14795097
> > >
> >
> > _______________________________________________
> > Serusers mailing list
> > Serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
>
____________________________________________________________________________________
Looking for earth-friendly autos?
Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center.
http://autos.yahoo.com/green_center/
More information about the sr-users
mailing list