On Thu, Jul 10, 2003, Andrei Pelinescu-Onciul wrote:
No. stunnel is used for SSL-tunneling inetd daemons. It won't work with ser. sip proxies have to be able to open new connections (they can't be run from inetd). Even if you use it to re-inject the packets on another port (e.g. send all the ssl stuff on tcp localhost:5060 via netcat) you will still not have a tls sip server (any connections opened from ser side will still be non-tls). A TLS sip proxy should also support sips: uris.
I agree it would not be able to handle outgoing connections. Still, this should allow TLS communication between the UA and its proxy (especially REGISTER), correct me if I'm wrong.
BTW: what tls-enabled sip uac do you use?
I just tried connecting to my stunnel with Windows Messenger, but it failed with almost no reason given. I will tried to see what happens with tcpdump.
Thanks for your help,