I just tested TLS with Kamailio 3.3.0 and Eyebeam and it works. Make sure to specify "ca_list" if intermediate certificates are used.
regards Klaus
On 09.07.2012 13:27, Aft nix wrote:
Hi,
I have enabled tls parameters as follows:
in kamailio.cfg
listen = tls:<IP>:<PORT>
in tls.cfg
[server:<IP>:<PORT>] method = TLSv1 verify_certificate = no require_certificate = no private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key certificate = /usr/local/etc/kamailio/kamailio-selfsigned.pem
Now if i try to connect to this interface using openssl s_client, it does connects, but now server certificate is sent from kamailio.
kamailio log shows this :
<core> [ip_addr.c:247]: tcpconn_new: new tcp connection: <CLIENT IP> <core> [tcp_main.c:1089]: tcpconn_new: on port 40727, type 3 <core> [tcp_main.c:1400]: tcpconn_add: hashes: 2614:2652:2494, 2 <core> [io_wait.h:390]: DBG: io_watch_add(0x82535e0, 23, 2, 0xb5701580), fd_no=11 <core> [io_wait.h:617]: DBG: io_watch_del (0x82535e0, 23, -1, 0x0) fd_no=12 called <core> [tcp_main.c:4296]: tcp: DBG: sending to child, events 1 <core> [tcp_main.c:3963]: WARNING: send2child: no free tcp receiver, connection passed to the least busy one (3289651) <core> [tcp_main.c:3967]: selected tcp worker 0 0(8) for activity on [tls:<IP>:<PORT>], 0xb5701580 <core> [tcp_main.c:3576]: BUG: handle_ser_child: fd -1 for 0 (pid 2491)
I'm using kamailio from git. its updated to the latest. Thanks in advance.