[SR-Users] "Create Certificates to be used with Kamailio" changes
Klaus Darilion
klaus.mailinglists at pernau.at
Thu Sep 30 18:09:40 CEST 2010
You are right.
Thanks for fixing my bugs :-)
Klaus
Am 30.09.2010 17:27, schrieb Juha Heinanen:
> now that 3.1 has async tls support, i decided (first time ever) to try
> to test tls. things went quite smoothly when i followed "Create
> Certificates to be used with Kamailio" document
>
> http://kamailio.org/dokuwiki/doku.php/tls:create-certificates#using_the_certificates_with_tls
>
> during the process, i fixed a typo in the doc, added two comments to cfg
> part:
>
> enable_tls=1
> tcp_async=no # do not include in 3.1
> listen=udp:0.0.0.0:5060
> listen=tcp:0.0.0.0:5060
> listen=tls:0.0.0.0:5061 # not needed in 3.1
>
> and fixed wrong file references in client configurations:
>
> eyebeam: copy the CA certificate (/etc/certs/demoCA/cert.pem) to the Windows PC and add it to the Windows certificate store (Start→Control Panel→Internet)
>
> QjSimple: copy the CA certificate (/etc/certs/demoCA/cert.pem) to the
> client PC and configure QjSimple to use this CA (“TLS CA file” and
> “verify TLS server certificate)
>
> earlier the paths pointed to certs/sip.mydomain.com files, which i think
> were wrong. at least i was not able to get them working.
>
> perhaps someone who is more familiar with tsl stuff could verify the
> above changes.
>
> -- juha
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list