[Kamailio-Users] questions about TLS

Klaus Darilion klaus.mailinglists at pernau.at
Mon Sep 21 15:07:59 CEST 2009


To route a SIP request with TLS you have the following choices:

- add the ";transport=tls" parameter to the request URI
- explicitely relay with protocol, see: 
http://www.kamailio.org/docs/modules/1.5.x/tm.html#trelay-1
- use NAPTR and SRV records with TLS as highest prior transport protocol


Once a request is received over a TLS connection, you can use 
is_peer_verified() to find out if the other party provided a certificate 
which was successfully validated against the CA certs.

regards
klaus


zhangchao00001 schrieb:
> 
> 
> Hello everybody:
>   I've have some questions about tls connection.
>   How to build the tls connection between two proxy? there's just one 
> function is_peer_verified() in tlsops module. Is it that we set the 
> paramer, the proxy will connect  by itself or we should build the 
> connection in the config file explicitly? could someone give me a example?
> Proxy1<----TLS--->Proxy2
>  
> 
> 
> ------------------------------------------------------------------------
> "ÖйúÖÆÔì",½²ÊöÖйú60ÄêÍùÊ 
> <http://news.163.com/madeinchina/index.html?from=mailfooter>
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Kamailio (OpenSER) - Users mailing list
> Users at lists.kamailio.org
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users




More information about the sr-users mailing list