Thanks Klaus.
On 12/29/06, Klaus Darilion klaus.mailinglists@pernau.at wrote:
The only free TLS-capeable client is minisip.
Commercial phones with TLs support are eyebeam (IMO the best client available and IMO worth the 60$) and the SNOM hardphones.
MAybe the free snom softphone also supports TLS - but I do not know.
regards klaus
On Fri, December 29, 2006 15:21, Ncheeku Baranov said:
Thanks Steffen. Is there any freely available tls client which can be
used
to check this settings and the handshake? That will be really helpful..
Best regards, NCheeku
On 12/28/06, Steffen Witt witt.steffen@googlemail.com wrote:
Hello Ncheeku,
change to the directory with your ".pem" files: /usr/local/etc/openser/tls/user
Then you can test your TLS handshake with the following command:
openssl s_server -cert user-cert.pem -key user-privkey.pem -state -accept 5061
Openssl simulates a TLS server with your certificate/private key files and it accepts only requests at port 5061.
Best regards, Steffen
2006/12/28, Ncheeku Baranov opensersubscribe@gmail.com:
Thanks a lot Steffen. Adding the new listen =
udp:10.30.100.41:5060indeed
worked. How can I check the TLS handshake using openssl at the
server?
Thanks a lot..
On 12/28/06, Steffen Witt witt.steffen@googlemail.com wrote:
Hello again,
maybe you should add the following line to test your non-TLS UAs:
disable_tls = 0 listen = udp:10.30.100.41:5060 <--- listen = tls:10.30.100.41:5061
You can check your TLS handshake by simulating your server with
openssl.
Please have a look at the following link that describes the TLS
support:
http://www.openser.org/docs/tls.html
Best regards, Steffen
2006/12/28, Ncheeku Baranov opensersubscribe@gmail.com:
Hi,
I am trying to make my non-TLS/TLS UA register with my TLS
enabled
openSER.
Currently I am just working on my local machine with the client
UAs on
the
same subnet,(so there is only one domain, but its not named).
Below is
my
configuration file:
disable_tls = 0 listen = tls:10.30.100.41:5061 tls_verify_server = 1 tls_verify_client = 0 tls_require_client_certificate = 0 tls_method = TLSv1 tls_certificate =
"/usr/local/etc/openser/tls/user/user-
cert.pem" tls_private_key =
"/usr/local/etc/openser/tls/user/user-
privkey.pem" tls_ca_list = "usr/local/etc/openser/tls/user/user-calist.pem"
However, with the above configuration the client UAs couldnot
register
and I
got 408 Request Time out Message. Is there any field that is
missing to
make
this simple scenario work? What should be the values of
"tls_client_domain"
and "tls_server_domain" fields in this case?
I noticed that when I start the openSER without TLS support using "openserctl start" and do "ps -e" after that, there are more
openSER
processes running than if I start openSER with TLS support in
which case
I
see very few of these processes running.
Your help is much appreciated....
Best regards, NCheeku
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users