the snom softphone:
http://www.chip.de/downloads/360-Softphone_14364878.html
it's completely outdated. and therefore good for such backwards
compatible tests.
interesting! Does it support client certificate? Or is like with
snom
hardphones, it can use server certificate for encryption, but you cannot
set a client side certificate for using it to do user authentication.
Cheers,
Daniel
Kristijan
2012/3/12 Daniel-Constantin Mierla<miconda(a)gmail.com>om>:
> Hello,
>
> thanks for reporting back it's working -- please keep the mailing list
> cc-ed, so people looking for same issue will be able to find it when
> searching the web archive.
>
> I am using snom3xx with tls and kamailio 3.x a lot, never had issues, but I
> have no clue about the softphone.exe
>
> Cheers,
> Daniel
>
>
> On 3/11/12 8:09 PM, Kristijan Vrban wrote:
>> Hello Daniel,
>>
>> many thanks for the fast reply, And yes, the session_cache option
>> solved my problem. Well... the device i used was the immemorial
>> snom360 softphone.exe
>> running with wine :) The softphone i use since years for TLS testing.
>>
>> Kristijan
>>
>> 2012/3/11 Daniel-Constantin Mierla<miconda(a)gmail.com>om>:
>>> Hello,
>>>
>>>
>>> On 3/11/12 1:28 AM, Kristijan Vrban wrote:
>>>> Hello, how to tell that Kamailio should juse a session_id for tls ?
>>>> See ssldump output below. I reckon that this is the reason the
>>>> client i use end with "handshake_failure". Because when is use
>>>> opensips, there is the session_id, and it's working.
>>>>
>>>> Kristijan
>>>>
>>>> 2 1 0.0228 (0.0228) C>S Handshake
>>>> ClientHello
>>>> Version 3.1
>>>> cipher suites
>>>> TLS_RSA_WITH_RC4_128_MD5
>>>> TLS_RSA_WITH_RC4_128_SHA
>>>> TLS_RSA_WITH_NULL_MD5
>>>> TLS_RSA_WITH_NULL_SHA
>>>> TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
>>>> TLS_DH_anon_WITH_RC4_128_MD5
>>>> TLS_RSA_WITH_DES_CBC_SHA
>>>> TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
>>>> TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
>>>> TLS_DH_anon_WITH_DES_CBC_SHA
>>>> compression methods
>>>> NULL
>>>> 1 0.0519 (0.0519) C>S TCP FIN
>>>> 2 2 0.0432 (0.0204) S>C Handshake
>>>> ServerHello
>>>> Version 3.1
>>>> session_id[0]=
>>>>
>>>> cipherSuite TLS_RSA_WITH_RC4_128_MD5
>>>> compressionMethod NULL
>>>> 2 3 0.0432 (0.0000) S>C Handshake
>>>> Certificate
>>>> 2 4 0.0432 (0.0000) S>C Handshake
>>>> ServerHelloDone
>>>> 2 5 0.0452 (0.0020) C>S Alert
>>>> level fatal
>>>> value handshake_failure
>>>> 1 0.0744 (0.0225) S>C TCP FIN
>>>> 2 0.0681 (0.0228) S>C TCP FIN
>>> the tls module has now the option to turn on/off session caching, which
>>> was
>>> on by default in openser 1.x. Now it is off as it does not make much
>>> benefits with out multi-process architecture. Try to add to your config:
>>>
>>> modparam("tls", "session_cache", 1)
>>>
>>> Let me know if works -- the module parameter is missing from the readme,
>>> perhaps the author forgot to add it at the time of development -- I will
>>> try
>>> to sync the sources and the readme for tls module asap.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> --
>>> Daniel-Constantin Mierla
>>> Kamailio Advanced Training, April 23-26, 2012, Berlin, Germany
>>>
http://www.asipto.com/index.php/kamailio-advanced-training/
>>>
> --
> Daniel-Constantin Mierla
> Kamailio Advanced Training, April 23-26, 2012, Berlin, Germany
>
http://www.asipto.com/index.php/kamailio-advanced-training/
>
--
Daniel-Constantin Mierla
Kamailio Advanced Training, April 23-26, 2012, Berlin, Germany