Hi,
Just out of quriousity or how you write it..
How did you compile ser? and hw did you make your certificates?
did you do : make install TLS=1 ?
- Atle
* Jan Janak jan@iptel.org [070403 19:34]:
Is there anything in syslog?
Jan.
Katty Xiong wrote:
Yes. I configured SER to listen on tls using listen parameter.
listen=tls:199.199.2.50:5061
Actually from the system I can see TCP connection for this tls is established. But somehow the tls process does not responde to the ClientHello message.
thanks, Joy
--- Jan Janak jan@iptel.org wrote:
Katty Xiong wrote:
I am using SER ottendorf with TLS protocol and
have
the following issues. Does anybody experience
similar
problems?
SER cannot run with the following setup in the configuration file: (I follow this link to setup
key
and certificate:
http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/modules/tls/README?...)
modparam("tls", "private_key", "cakey.pem") modparam("tls", "certificate", "cacert.pem") modparam("tls", "ca_list", "calist.pem") modparam("tls", "cipher_list", "HIGH");
You don't need that option unless you want to restrict thee list of ciphers that are available. openssl uses all available ciphers by default.
With the last line commented out: #modparam("tls", "cipher_list", "HIGH"); SER can start, but the tls connection cannot be established. Network trace shows SER does not
responde
to ClientHello sent by client.
A couple of quick questions:
- Have you configured SER to listen on tls using
listen parameter?
- Are you connecting to the right port (i.e. 5061
and not 5060) ?
Jan.
Finding fabulous fares is fun. Let Yahoo! FareChase search your favorite travel sites to find flight and hotel bargains. http://farechase.yahoo.com/promo-generic-14795097
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers