Re: [sr-dev] [kamailio/kamailio] fix TLS client config selection based on dst ip and port (#842)

3 Nov 2016


      It is interesting but not easy solution.
Because tls_lookup_cfg accepting only one ip and port...
Another solution can be in [MANAGE_BRANCH] route add next check condition:
```
if ($rP == "TLS") {
     $xavp(tls=>server_name) = $rd + ":" + $rp;
     $xavp(tls=>server_id) = $rd + ":" + $rp;
}
```
and in tls.cfg:
```
[client:10.1.23.19:5061]
verify_certificate = yes
ca_list = /etc/kamailio/CAs/ca1.pem
private_key = /etc/kamailio/CAs/client1.key
server_name = 10.1.23.19:5061
server_id = 10.1.23.19:5061
```
It works too.
After location check i have ruri like 9098@10.1.23.19:5061;transport=TLS
May bee this is the simplest solution...
-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/842#issuecomment-258091140

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Re: [sr-dev] [kamailio/kamailio] fix TLS client config selection based on dst ip and port (#842)