[Kamailio-Users] kamailio with tls

ingdavidcespedes at cable.net.co ingdavidcespedes at cable.net.co
Fri Oct 24 23:43:51 CEST 2008


I knowed that you can have TLS connection between UA and other Proxy Servers, but I didn't know that Kamailio supports it, thanks for your comment.
So maybe Paulos's problem is that his Client is not trying to REGISTER to the correct port (5061) of his Kamailio. 

----- Mensaje original -----
De: Klaus Darilion <klaus.mailinglists at pernau.at>
Fecha: Viernes, Octubre 24, 2008 12:45 pm
Asunto: Re: [Kamailio-Users] kamailio with tls

> (cc'ed to the mailinglist)
> 
> ingdavidcespedes at cable.net.co schrieb:
> > Enable TLS in Kamailio is only for connection between other Kamailio
> > (SIP Proxy Servers), it doesn't have anything to do with UA, or 
> am I
> > wrong? . As I understand, you can not implement TLS between UA's and
> > Kamailio.
> 
> Of course you can. If the SIP client supports TLS you can also use 
> TLS 
> between UA and Kamailio - no problem.
> 
> I use it with eyebeam clients and SNOM phones. Also pjsip supports 
> TLS, 
> for example you can test it using QjSimple.
> http://www.ipcom.at/index.php?id=560
> 
> regards
> klaus
> 
> 
> > 
> > ----- Mensaje original ----- De: Klaus Darilion
> > <klaus.mailinglists at pernau.at> Fecha: Viernes, Octubre 24, 2008 
> 11:04> am Asunto: Re: [Kamailio-Users] kamailio with tls
> > 
> >> 
> >> paulo leonardo schrieb:
> >>> Hi,
> >>> 
> >>> I would like a litle help :D!
> >>> 
> >>> I installed kamailio and everything is ok :D! But i want to use
> >> TLS, but
> >>> when i  setup TLS in kamailio, don't work the REGISTER (i can't
> >> register
> >>> my sofphone ...). And i compliled kamilio with TLS!!! when i
> >> comment the
> >>> cofigurantion TLS and use port 5060 works!
> >> 
> >> So, "what" does not work?
> >> 
> >> - Does Kamailio start (ps -Alf|grep kamailio)? - Does K listen to
> >> the specified TLS socket (netstat -anp|grep kama)? - which client
> >> do you use? - is a TCP connection set up? - is a TLS handshake
> >> happening (ssldump)? - what is in the logfile of Kamailio? .....
> >> 
> >> Your error description is to short!
> >> 
> >> regards klaus
> >> 
> >> 
> >> 
> >> 
> >>> below is my configuration
> >>> 
> >>> ----------------------------------------- disable_tls = no listen
> >>> = tls:192.168.170.101:5061 <http://192.168.170.101:5061> 
> >>> tls_verify_server = 1 tls_verify_client = 1 
> >>> tls_require_client_certificate = 1 tls_method = TLSv1 
> >>> tls_certificate =
> >>> "/usr/local/etc/kamailio/tls/user/user-cert.pem" tls_private_key
> >>> = "/usr/local/etc/kamailio/tls/user/user-
> >> privkey.pem"> tls_ca_list
> >>> ---------------------------------------
> >>> 
> >>> if (!www_authorize("192.168.170.101 <http://192.168.170.101>", 
> >>> "subscriber")) { www_challenge("192.168.170.101
> >> <http://192.168.170.101>", "0");
> >>> exit; }
> >>> 
> >>> ----------------------------------------
> >>> 
> >>> root at pst:/usr/local/etc/kamailio# ls -R tls/ tls/: ca.conf
> >>> README  request.conf  rootCA  user  user.conf
> >>> 
> >>> tls/rootCA: cacert.pem  certs  index.txt  private  serial
> >>> 
> >>> tls/rootCA/certs:
> >>> 
> >>> tls/rootCA/private: cakey.pem
> >>> 
> >>> tls/user: user-calist.pem  user-cert.pem  user-cert_req.pem
> >>> user-privkey.pem
> >>> 
> >>> 
> >>> thanks!!!
> >>> 
> >>> 
> >>> 
> >>> ----------------------------------------------------------------
> --
> >>> 
> >> ------
> >>> _______________________________________________ Users mailing
> >>> list Users at lists.kamailio.org 
> >>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> >> _______________________________________________ Users mailing 
> list 
> >> Users at lists.kamailio.org 
> >> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> >> 
> > 
> 
> _______________________________________________
> Users mailing list
> Users at lists.kamailio.org
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> 





More information about the Users mailing list