[SR-Users] How to enable TLS in Kamailio ?

Khoa Pham onmyway133 at gmail.com
Thu Mar 21 04:52:12 CET 2013


@Moacir, thanks

1. You said that " then use "listen="my ip address" and all enabled
services will be bound to the especified IP address." So which port does
Kamailio listen for TCP and TLS? How does client know which port to connect
to Kamailio ?




On Thu, Mar 21, 2013 at 12:41 AM, Moacir Ferreira <
moacirferreira at hotmail.com> wrote:

> Hummm. When I start playing with Kamailio I had some problems that were
> related to the compilation process not really to the final product. Now, if
> you comment out the listen statement then all server interfaces will listen
> for all enabled services (SIP-UDP, SIP-TCP and SIP-TLS if you enabled
> it). AS a troubleshooting suggestion, just comment out the "listen"
> statement and all enabled services will bind to all available IP
> interfaces. If it works, then use "listen="my ip address" and all enabled
> services will be bound to the especified IP address.
>
> Best regards,
>
> Moacir
> ------------------------------
> From: oej at edvina.net
> Date: Wed, 20 Mar 2013 12:43:06 +0100
> To: sr-users at lists.sip-router.org
> Subject: Re: [SR-Users] How to enable TLS in Kamailio ?
>
>
>
> 20 mar 2013 kl. 10:33 skrev Khoa Pham <onmyway133 at gmail.com>:
>
> Hi Olle,
>
> I follow these 2 tutorials
> 1.
> http://nil.uniza.sk/network-security/tls/configuring-tls-support-kamailio-31-howto
> which only describes to listen on tls
>
> listen=tls:158.193.139.51:5061
>
> 2. http://www.kamailio.org/dokuwiki/doku.php/tls:create-certificates
> which only describes to listen on udp and tcp
>
>  listen=udp:<ip-address-for-receiving-sip-requests>:5060
>   listen=tcp:<ip-address-for-receiving-sip-requests>:5060
>
>
> It is not until I listen on both TCP and LTS does it work.
>
> You document http://kamailio.org/docs/modules/4.0.x/modules/tls.htmlseems to lack of these "listen"
>
> Right.
> But it's in the core cookbook. We should propably add the listen to the
> TLS docs too.
>
> Thanks!
>
> /O
>
>
>
>
> On Wed, Mar 20, 2013 at 4:10 PM, Olle E. Johansson <oej at edvina.net> wrote:
>
>
> 20 mar 2013 kl. 07:55 skrev Daniel-Constantin Mierla <miconda at gmail.com>:
>
>  Hello,
>
> when tls module is installed, a self signed pair of certificate-private
> key is generated in /usr/local/etc/kamailio
>
> If you need one that is signed by a trusted CA (e.g., Verisign), you will
> have to buy it.
>
> Cheers,
> Daniel
>
> On 3/19/13 8:08 AM, Khoa Pham wrote:
>
> Hi,
>
> I want to enable TLS in Kamailio, as in here
> http://kamailio.org/docs/modules/stable/modules/tls.html
>
>  But how can I get the certificate and private key ?
>
>
> The documentation for the TLS module actually includes a quick howto.
> http://kamailio.org/docs/modules/4.0.x/modules/tls.html
>
> What part of this needs clarification? Please help us make the
> documentation better if there are parts you do not undertand or isn't
> explained.
>
> Thanks,
> /O
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
>
> --
> Khoa Pham
> HCMC University of Science
> Faculty of Information Technology
>  _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
> _______________________________________________ SIP Express Router (SER)
> and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>


-- 
Khoa Pham
HCMC University of Science
Faculty of Information Technology
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130321/a9c5044e/attachment.htm>


More information about the sr-users mailing list