[Kamailio-Users] kamailio with tls
ingdavidcespedes at cable.net.co
ingdavidcespedes at cable.net.co
Fri Oct 24 23:43:51 CEST 2008
I knowed that you can have TLS connection between UA and other Proxy Servers, but I didn't know that Kamailio supports it, thanks for your comment.
So maybe Paulos's problem is that his Client is not trying to REGISTER to the correct port (5061) of his Kamailio.
----- Mensaje original -----
De: Klaus Darilion <klaus.mailinglists at pernau.at>
Fecha: Viernes, Octubre 24, 2008 12:45 pm
Asunto: Re: [Kamailio-Users] kamailio with tls
> (cc'ed to the mailinglist)
>
> ingdavidcespedes at cable.net.co schrieb:
> > Enable TLS in Kamailio is only for connection between other Kamailio
> > (SIP Proxy Servers), it doesn't have anything to do with UA, or
> am I
> > wrong? . As I understand, you can not implement TLS between UA's and
> > Kamailio.
>
> Of course you can. If the SIP client supports TLS you can also use
> TLS
> between UA and Kamailio - no problem.
>
> I use it with eyebeam clients and SNOM phones. Also pjsip supports
> TLS,
> for example you can test it using QjSimple.
> http://www.ipcom.at/index.php?id=560
>
> regards
> klaus
>
>
> >
> > ----- Mensaje original ----- De: Klaus Darilion
> > <klaus.mailinglists at pernau.at> Fecha: Viernes, Octubre 24, 2008
> 11:04> am Asunto: Re: [Kamailio-Users] kamailio with tls
> >
> >>
> >> paulo leonardo schrieb:
> >>> Hi,
> >>>
> >>> I would like a litle help :D!
> >>>
> >>> I installed kamailio and everything is ok :D! But i want to use
> >> TLS, but
> >>> when i setup TLS in kamailio, don't work the REGISTER (i can't
> >> register
> >>> my sofphone ...). And i compliled kamilio with TLS!!! when i
> >> comment the
> >>> cofigurantion TLS and use port 5060 works!
> >>
> >> So, "what" does not work?
> >>
> >> - Does Kamailio start (ps -Alf|grep kamailio)? - Does K listen to
> >> the specified TLS socket (netstat -anp|grep kama)? - which client
> >> do you use? - is a TCP connection set up? - is a TLS handshake
> >> happening (ssldump)? - what is in the logfile of Kamailio? .....
> >>
> >> Your error description is to short!
> >>
> >> regards klaus
> >>
> >>
> >>
> >>
> >>> below is my configuration
> >>>
> >>> ----------------------------------------- disable_tls = no listen
> >>> = tls:192.168.170.101:5061 <http://192.168.170.101:5061>
> >>> tls_verify_server = 1 tls_verify_client = 1
> >>> tls_require_client_certificate = 1 tls_method = TLSv1
> >>> tls_certificate =
> >>> "/usr/local/etc/kamailio/tls/user/user-cert.pem" tls_private_key
> >>> = "/usr/local/etc/kamailio/tls/user/user-
> >> privkey.pem"> tls_ca_list
> >>> ---------------------------------------
> >>>
> >>> if (!www_authorize("192.168.170.101 <http://192.168.170.101>",
> >>> "subscriber")) { www_challenge("192.168.170.101
> >> <http://192.168.170.101>", "0");
> >>> exit; }
> >>>
> >>> ----------------------------------------
> >>>
> >>> root at pst:/usr/local/etc/kamailio# ls -R tls/ tls/: ca.conf
> >>> README request.conf rootCA user user.conf
> >>>
> >>> tls/rootCA: cacert.pem certs index.txt private serial
> >>>
> >>> tls/rootCA/certs:
> >>>
> >>> tls/rootCA/private: cakey.pem
> >>>
> >>> tls/user: user-calist.pem user-cert.pem user-cert_req.pem
> >>> user-privkey.pem
> >>>
> >>>
> >>> thanks!!!
> >>>
> >>>
> >>>
> >>> ----------------------------------------------------------------
> --
> >>>
> >> ------
> >>> _______________________________________________ Users mailing
> >>> list Users at lists.kamailio.org
> >>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> >> _______________________________________________ Users mailing
> list
> >> Users at lists.kamailio.org
> >> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> >>
> >
>
> _______________________________________________
> Users mailing list
> Users at lists.kamailio.org
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>
More information about the Users
mailing list