sr-users November 2015

sr-users@lists.kamailio.org

80 participants
123 discussions

by Vladimer Gabunia

hello all. we compiled kamailio with TLS Support. but have next problem when using CRL Lits. Our Certificate issuing scheme is follow: Offline Root CA -> Enterprise SubCA -> Server and Phone Certificate CRL list is signed by SubCA. option "require client certificate is enables (1) " When we enable CRL list, phones are not registered. CA file is offline RootCA certificate in pem format. We think that the reason is that СRL was signed by Subca or incorrect CRL format. CRL is converted from MS CRL to PEM. (What is the format for the CRL) maybe someone have experiance with similar scenarios? thanks in advance!! ________________________________ [gh.ge] ვლადიმერ გაბუნია IT სამსახურის უფროსი ტელ: (+995) 32 2505222 +8183 მობ: (995) 577 095333 შპს "ჯეო ჰოსპიტალს" სათავო ოფისი თბილისი 0160, ვაჟა-ფშაველას გამზ. № 16; http://www.gh.ge <http://gh.ge>

9 years

Problems with dispatcher module | feature disabled

by Alessio Casco

Hello! We noticed today an issue with the kamailio loadbalancing. Basically kamailio is not considering if an host is up or not, backends are set always as "FLAGS: AP" even if the host is down. I see this when the proxy starts : ERROR: dispatcher [dispatcher.c:768]: ds_warn_fixup(): failover functions used, but required AVP parameters are NULL -- feature disabled These the parameters I have set: # ----- dispatcher params ----- modparam("dispatcher", "list_file", "/etc/kamailio/dispatcher.list") modparam("dispatcher", "dst_avp", "$avp(dsdst)") modparam("dispatcher", "grp_avp", "$avp(dsgrp)") modparam("dispatcher", "cnt_avp", "$avp(dscnt)") modparam("dispatcher", "ds_ping_method", "OPTIONS") modparam("dispatcher", "ds_ping_reply_codes", "class=2;class=3;code=404") modparam("dispatcher", "ds_ping_from", "sip:proxy@sip.nexmo.com") modparam("dispatcher", "ds_ping_interval", 20) modparam("dispatcher", "ds_probing_threshold", 1) modparam("dispatcher", "ds_probing_mode", 1) modparam("dispatcher", "ds_hash_size", 10) modparam("dispatcher", "ds_hash_expire", 3600) modparam("dispatcher", "ds_hash_initexpire", 60) modparam("dispatcher", "ds_hash_check_interval", 10) modparam("dispatcher", "use_default", 0) modparam("dispatcher", "attrs_pvname", "$avp(carrierattr)") modparam("dispatcher", "setid_pvname", "$avp(carriergroup)") modparam("dispatcher", "flags", 2) I use 4.3.3, I think this issue started after upgrading from 4.3.1 but I can't say for sure. Can someone please give us some advices on this? Thanks Alessio

9 years

Which option uses for check certificate revocation in kamailio 1.5.x ?

by Evgeniy Ivanov

Hello! I use kamailio 1.5.4-tls (i386/linux). I configured the tls options: disable_tls = 0 listen=tls:192.168.50.60:5061 tls_certificate="/etc/kamailio/tls/crt.pem" tls_private_key="/etc/kamailio/tls/key.pem" tls_ca_list="/etc/kamailio/tls/ca.pem" tls_verify_client=on tls_require_client_certificate=on I need to check certificate revocation, but the option tls_crl does not work. Which option uses for check certificate revocation in kamailio 1.5.x ?

9 years

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users November 2015