I knowed that you can have TLS connection between UA and other Proxy Servers, but I
didn't know that Kamailio supports it, thanks for your comment.
So maybe Paulos's problem is that his Client is not trying to REGISTER to the correct
port (5061) of his Kamailio.
----- Mensaje original -----
De: Klaus Darilion <klaus.mailinglists(a)pernau.at>
Fecha: Viernes, Octubre 24, 2008 12:45 pm
Asunto: Re: [Kamailio-Users] kamailio with tls
(cc'ed to the mailinglist)
ingdavidcespedes(a)cable.net.co schrieb:
Enable TLS in Kamailio is only for connection
between other Kamailio
(SIP Proxy Servers), it doesn't have anything to do with UA, or
am I
wrong? . As I understand, you can not implement
TLS between UA's and
Kamailio.
Of course you can. If the SIP client supports TLS you can also use
TLS
between UA and Kamailio - no problem.
I use it with eyebeam clients and SNOM phones. Also pjsip supports
TLS,
for example you can test it using QjSimple.
http://www.ipcom.at/index.php?id=560
regards
klaus
----- Mensaje original ----- De: Klaus Darilion
<klaus.mailinglists(a)pernau.at> Fecha: Viernes, Octubre 24, 2008
11:04>
am Asunto: Re: [Kamailio-Users] kamailio with tls
>
> paulo leonardo schrieb:
>> Hi,
>>
>> I would like a litle help :D!
>>
>> I installed kamailio and everything is ok :D! But i want to use
> TLS, but
>> when i setup TLS in kamailio, don't work the REGISTER (i can't
> register
>> my sofphone ...). And i compliled kamilio with TLS!!! when i
> comment the
>> cofigurantion TLS and use port 5060 works!
>
> So, "what" does not work?
>
> - Does Kamailio start (ps -Alf|grep kamailio)? - Does K listen to
> the specified TLS socket (netstat -anp|grep kama)? - which client
> do you use? - is a TCP connection set up? - is a TLS handshake
> happening (ssldump)? - what is in the logfile of Kamailio? .....
>
> Your error description is to short!
>
> regards klaus
>
>
>
>
>> below is my configuration
>>
>> ----------------------------------------- disable_tls = no listen
>> = tls:192.168.170.101:5061 <http://192.168.170.101:5061>
>> tls_verify_server = 1 tls_verify_client = 1
>> tls_require_client_certificate = 1 tls_method = TLSv1
>> tls_certificate =
>> "/usr/local/etc/kamailio/tls/user/user-cert.pem" tls_private_key
>> = "/usr/local/etc/kamailio/tls/user/user-
> privkey.pem"> tls_ca_list
>> ---------------------------------------
>>
>> if (!www_authorize("192.168.170.101 <http://192.168.170.101>",
>> "subscriber")) { www_challenge("192.168.170.101
> <http://192.168.170.101>", "0");
>> exit; }
>>
>> ----------------------------------------
>>
>> root@pst:/usr/local/etc/kamailio# ls -R tls/ tls/: ca.conf
>> README request.conf rootCA user user.conf
>>
>> tls/rootCA: cacert.pem certs index.txt private serial
>>
>> tls/rootCA/certs:
>>
>> tls/rootCA/private: cakey.pem
>>
>> tls/user: user-calist.pem user-cert.pem user-cert_req.pem
>> user-privkey.pem
>>
>>
>> thanks!!!
>>
>>
>>
>> ----------------------------------------------------------------
--
>>
> ------
>> _______________________________________________ Users mailing
>> list Users(a)lists.kamailio.org
>>
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> _______________________________________________ Users mailing
list
_______________________________________________
Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users