Hi Peter!
Thanks for sharing your code. For which version of ser are these
extensions? 0.8.12? 0.8.14? 0.9.0?
As I'm new to TLS, can you give some hints on how to test TLS? Which SIP
user agents can be used to test TLS?
regards,
klaus
Peter Griffiths wrote:
hello --
some time ago i extended ser to support tls, basically
i implemented functions needed by the existing tls
api. i polished the code a bit and i am giving it away
freely. there are still some things to fix, but it
mostly works.
to use the code, copy tls directory into your ser tree
and optionally patch cfg.lex and cfg.y, then recompile
ser with TLS=on.
if you also patch cfg.lex and cfg.y then you can use
extended cfg syntax and specify different keys and
certificates for different listen sockets. this is
similar to apache virtual servers with ssl. without
the patches you can only use the default configuration
directives.
to iptel: would be great to have it in cvs, what do
you think ?
-- peter
-----------
example ser.cfg:
listen=tls:127.0.0.1:5061
listen=tls:127.0.0.1:5062
# defaults for outgoing tls connections
tls_certificate="default.crt"
tls_private_key = "default.key"
#
domain1.com
tls_domain[127.0.0.1:5061] {
tls_certificate="domain1.crt"
tls_private_key = "domain1.key"
tls_method = sslv2
}
#
domain2.com
tls_domain[127.0.0.1:5062] {
tls_certificate="domain2.crt"
tls_private_key="domain2.key"
}
__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers