[Users] OpenSER devel & SNOM 360

Daniel-Constantin Mierla daniel at voice-system.ro
Mon Feb 5 11:03:53 CET 2007 

Hello,

in 1.2.0 the requirement of client certificate as well as verification 
of sever and client certificate are set on by default. Maybe you had 
them off in the old version. See the tls manual to change the values of 
those parameters.

http://www.openser.org/docs/tls.html#AEN293

Cheers,
Daniel


On 02/02/07 14:44, mika.saari at wipsl.com wrote:
> Hi again,
>
>   My openssl is openssl-0.9.8c-4, and SNOM 360 firmware is latest 6.5.2. I
> also found that somebody had problems with certificate bit size
> (2048/512), so generated totally new 1024 CA and 1024 certificate
> request, but still no luck with SNOM. ssldump seems like this:
>
>
>   Thanks for any hints / tips,
>     -Mika
>
> -- clip --
> 1 1  0.0710 (0.0710)  C>S  Handshake
>       ClientHello
>         Version 3.1
>         cipher suites
>         TLS_RSA_WITH_RC4_128_MD5
>         TLS_RSA_WITH_RC4_128_SHA
>         TLS_RSA_WITH_NULL_MD5
>         TLS_RSA_WITH_NULL_SHA
>         TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
>         TLS_DH_anon_WITH_RC4_128_MD5
>         TLS_RSA_WITH_DES_CBC_SHA
>         TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
>         TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
>         TLS_DH_anon_WITH_DES_CBC_SHA
>         compression methods
>                   NULL
> 1 2  0.0780 (0.0069)  S>C  Handshake
>       ServerHello
>         Version 3.1
>         session_id[32]=
>           0e 74 fa c8 ed 22 e1 8b 0c ad aa ce f0 70 a0 a9
>           d6 5c d1 23 14 06 fc 37 9b 2d 7c 89 73 1c 0b 80
>         cipherSuite         TLS_RSA_WITH_RC4_128_SHA
>         compressionMethod                   NULL
> 1 3  0.0780 (0.0000)  S>C  Handshake
>       Certificate
> 1 4  0.0780 (0.0000)  S>C  Handshake
>       CertificateRequest
>         certificate_types                   rsa_sign
>         certificate_types                   dss_sign
>         certificate_types                 unknown value
>       ServerHelloDone
> 1 5  0.3278 (0.2498)  C>S  Handshake
>       Certificate
> 1 6  0.3278 (0.0000)  C>S  Handshake
>       ClientKeyExchange
> 1 7  0.3278 (0.0000)  C>S  ChangeCipherSpec
> 1 8  0.3278 (0.0000)  C>S  Handshake
> 1 9  0.3280 (0.0002)  S>C  Alert
>     level           fatal
>     value           handshake_failure
> 1    0.3284 (0.0003)  S>C  TCP RST
> -- clip --
>
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
>

More information about the sr-users mailing list