Hi, I have just built Kamailio from Git master, configured TCP and TLS, and an HTTP event route. I was able to connect to Kamailio over TLS using Google Chrome (and saw the "SSL Error: The site's security certificate is not trusted!" page). After I clicked on "Proceed anyway" I saw the log message I put in the HTTP event route come out.
I also logged in with Jitsi using TLS and that worked fine too. I tried this with both the WebSocket module loaded and without it, and it worked in both cases. I also tried the above with TCP and that worked fine as well. As far as I can tell TLS is working in Kamailio Git master. Regards, Peter > On Wed, Jul 11, 2012 at 9:37 PM, Peter Dunkley > <peter.dunk...@crocodile-rcs.com> wrote: >> >> Hi, >> >> WebSockets over TLS works which requires establishing a TLS connection >> and >> exchanging an HTTP request and response. It doesn't sound like this >> connection is even getting passed the TLS handshake part? >> >> Peter >> > > Hi, > That was my first guess. I will run some tests with plain tcp socket > and post update. > > cheers. > >> >> On Wed, 2012-07-11 at 17:14 +0200, Klaus Darilion wrote: >> >> Maybe there were some changes fore websocket support which cause >> problems. Do plain TCP connections work? >> >> klaus >> >> On 11.07.2012 16:20, Aft nix wrote: >> > On Wed, Jul 11, 2012 at 6:56 PM, Klaus Darilion >> > <klaus.mailingli...@pernau.at> wrote: >> >> I just tested TLS with Kamailio 3.3.0 and Eyebeam and it works. Make >> >> sure to >> >> specify "ca_list" if intermediate certificates are used. >> >> >> > >> > I was working with master branch, not 3.3 branch. >> > >> >> >> >> regards >> >> Klaus >> >> >> >> On 09.07.2012 13:27, Aft nix wrote: >> >>> >> >>> Hi, >> >>> >> >>> I have enabled tls parameters as follows: >> >>> >> >>> in kamailio.cfg >> >>> >> >>> listen = tls:<IP>:<PORT> >> >>> >> >>> in tls.cfg >> >>> >> >>> [server:<IP>:<PORT>] >> >>> method = TLSv1 >> >>> verify_certificate = no >> >>> require_certificate = no >> >>> private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key >> >>> certificate = /usr/local/etc/kamailio/ >> kamailio-selfsigned.pem >> >>> >> >>> Now if i try to connect to this interface using openssl s_client, it >> >>> does connects, >> >>> but now server certificate is sent from kamailio. >> >>> >> >>> kamailio log shows this : >> >>> >> >>> <core> [ip_addr.c:247]: tcpconn_new: new tcp connection: <CLIENT >> >>> IP> >> >>> <core> [tcp_main.c:10 _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
