now that 3.1 has async tls support, i decided (first time ever) to try to test tls. things went quite smoothly when i followed "Create Certificates to be used with Kamailio" document
http://kamailio.org/dokuwiki/doku.php/tls:create-certificates#using_the_certificates_with_tls during the process, i fixed a typo in the doc, added two comments to cfg part: enable_tls=1 tcp_async=no # do not include in 3.1 listen=udp:0.0.0.0:5060 listen=tcp:0.0.0.0:5060 listen=tls:0.0.0.0:5061 # not needed in 3.1 and fixed wrong file references in client configurations: eyebeam: copy the CA certificate (/etc/certs/demoCA/cert.pem) to the Windows PC and add it to the Windows certificate store (Start→Control Panel→Internet) QjSimple: copy the CA certificate (/etc/certs/demoCA/cert.pem) to the client PC and configure QjSimple to use this CA (“TLS CA file” and “verify TLS server certificate) earlier the paths pointed to certs/sip.mydomain.com files, which i think were wrong. at least i was not able to get them working. perhaps someone who is more familiar with tsl stuff could verify the above changes. -- juha _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
