[SR-Users] Does tls/wss actually work or What is required for tls/wss

Olle E. Johansson oej at edvina.net
Wed Mar 19 17:23:48 CET 2014 

On 19 Mar 2014, at 17:03, jaflong jaflong <jaflong at yandex.com> wrote:

> 
> Ollie, Thanks for the info.
> 
> I am not aware how to test SIP/TLS can you make a suggestion of how to do it and what is the url of the page you mention.
> 
One line below :-)

> However I have followed this page http://www.kamailio.org/wiki/tutorials/tls/testing-and-debugging
> 
> I can get a successful tls connection when I connect with http so I know basic tls works.
> 
> Tested by having this in kamailio.cfg
> 
> event_route[xhttp:request] {
>    set_reply_close();
>    set_reply_no_connect();
> 
>    xhttp_reply("200", "OK", "text/html","<html><body>Received HTTP request to $hu from [$si:$sp] with protocol $proto</body></html>");
>    xlog("L_INFO", "HTTP Request Received\n");
> 
>    ......
> 
> Going to https://10.1.2.3:6443 gives this
> Received HTTP request to / from [10.1.1.1:58179] with protocol tls
Ok, so the basic TLS is up and running. Then I leave the WSS part to developers that know that part much better than I do. 

/O
> 
> 
> 
> 19.03.2014, 19:50, "Olle E. Johansson" <oej at edvina.net>:
>> On 19 Mar 2014, at 16:46, jaflong jaflong <jaflong at yandex.com> wrote:
>> 
>>>  Hi,
>>> 
>>>  What are the requirements for connecting with tls/wss.
>>> 
>>>  I have not come across any information or example for this.
>>> 
>>>  My config is working when the client uses ws. However if I change this to use wss, (this is it only paramter I change) it does not work.
>>>  I understand Kamailio does not support DTLS, I set the jssip client DtlsSrtpKeyAgreement to false to disable this, I also set the tls option to not require or verify certicficates and it still does not work.
>> 
>> Kamailio has nothing to do with DTLS - it's in the media layer, not in the signalling.
>> 
>>>  What if other considaerstion do I need to check?
>> 
>> Check if normal SIP/TLS works and if you can connect with a web browser. There is a TLS debugging page on the Kamailio wiki with a lot of helpful tips and tricks. We might want to add WSS to that page.
>> 
>> /O
>> 
>>>  thanks
>>> 
>>>  _______________________________________________
>>>  SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>>  sr-users at lists.sip-router.org
>>>  http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>> 
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> 
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

More information about the sr-users mailing list