[SR-Users] "Create Certificates to be used with Kamailio" changes
Andrei Pelinescu-Onciul
andrei at iptel.org
Thu Sep 30 18:12:05 CEST 2010
On Sep 30, 2010 at 18:27, Juha Heinanen <jh at tutpro.com> wrote:
> now that 3.1 has async tls support, i decided (first time ever) to try
> to test tls. things went quite smoothly when i followed "Create
> Certificates to be used with Kamailio" document
>
> http://kamailio.org/dokuwiki/doku.php/tls:create-certificates#using_the_certificates_with_tls
>
> during the process, i fixed a typo in the doc, added two comments to cfg
> part:
>
> enable_tls=1
> tcp_async=no # do not include in 3.1
> listen=udp:0.0.0.0:5060
> listen=tcp:0.0.0.0:5060
^^^^^^^^ it should not be 0.0.0.0 but an actual IP.
If you use 0.0.0.0 you _must_ set adevertised_adress or
you will have some strange Vias && RRs.
> listen=tls:0.0.0.0:5061 # not needed in 3.1
^^^^^^^^^^^^^^^^ - it's optional only if you have another
listen which does not specify the protocol
(e.g. listen=10.0.0.2:5060 or
listen=10.0.0.2). In this case ser will
listen on all protocols on the default
port). I
This is true also for 3.0 and at least for
all ser versions.
In general I use
http://sip-router.org/docbook/sip-router/branch/master/modules/tls/tls.html#tls.certs_howto
as a quick setup reminder.
>
Andrei
More information about the sr-users
mailing list