[SR-Users] What is required to enable TLS on non-standard port?

info at vintageelectronics.ca info at vintageelectronics.ca
Sat Mar 1 01:07:45 CET 2014 

That's fine as long as it is possible to connect via TLS and exchange 
voice/text.
The linked tutorial, as I understand, was written by Kamailio developer 
and it should be trustworthy.
Is there anything else that I could miss? It sounded so easy in that 
tutorial, but on practice nothing but TCP works.

On 02/16/2014 03:03 AM, Olle E. Johansson wrote:
>
> On 16 Feb 2014, at 03:22, info at vintageelectronics.ca 
> <mailto:info at vintageelectronics.ca> wrote:
>
>> I was going by this tutorial - it said that default certs should 
>> suffice: 
>> http://kb.asipto.com/kamailio:skype-like-service-in-less-than-one-hour
>>
>>
>> On 02/15/2014 07:34 PM, Corey Edwards wrote:
>>>
>>> On Fri, Feb 14, 2014 at 7:35 PM, <info at vintageelectronics.ca 
>>> <mailto:info at vintageelectronics.ca>> wrote:
>>>
>>>     Testing in the same box for now with the goal to at least get it
>>>     working within one machine.
>>>     Do you mean that TLS will not work with the cert/key shipped
>>>     with kamailio?
>>>
>>>
>>> I've never tried. A default key would not be very secure, but if you 
>>> have a valid certificate and key it should work.
>
> The default certificates are self-signed. A client may not recognize 
> these as trustworthy, policy may claim that only certificates signed 
> by a well-known CA that the client has root certificates for is 
> trusted, so the TLS connection will not be completed.
>
> If the client sets up a TLS connection anyway, that's fine. There will 
> be encryption, but no authentication. The client should not show any 
> lock in this case or in any way indicate a "secure" connection to the 
> server. The connection should not be trusted for exchange of media 
> encryption keys or any other confidential data.
>
> /O
>
> --
> * Olle E. Johansson - oej at edvina.net <mailto:oej at edvina.net>
> * Kamailio & SIP Masterclass Miami FL, Oxford UK and Malaga, Spain 
> this spring!
> * http://edvina.net/training/
>
>
>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140228/68febf41/attachment.html>

More information about the sr-users mailing list