<p>It is interesting but not easy solution.</p>

<p>Because tls_lookup_cfg accepting only one ip and port...</p>

<p>Another solution can be in [MANAGE_BRANCH] route add next check condition:</p>

<pre><code>if ($rP == "TLS") {
     $xavp(tls=>server_name) = $rd + ":" + $rp;
     $xavp(tls=>server_id) = $rd + ":" + $rp;
}
</code></pre>

<p>and in tls.cfg:</p>

<pre><code>[client:10.1.23.19:5061]
verify_certificate = yes
ca_list = /etc/kamailio/CAs/ca1.pem
private_key = /etc/kamailio/CAs/client1.key
server_name = 10.1.23.19:5061
server_id = 10.1.23.19:5061
</code></pre>

<p>It works too.</p>

<p>After location check i have ruri like 9098@10.1.23.19:5061;transport=TLS</p>

<p>May bee this is the simplest solution...</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/pull/842#issuecomment-258091140">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AF36ZW7NTolJ97y-iNGOJMCW9VC4k2DWks5q6aM7gaJpZM4Km55t">mute the thread</a>.<img alt="" height="1" src="https://github.com/notifications/beacon/AF36ZWZAi-1ZSwIgl44lJIk1_QVV5aW_ks5q6aM7gaJpZM4Km55t.gif" width="1" /></p>
<div itemscope itemtype="http://schema.org/EmailMessage">
<div itemprop="action" itemscope itemtype="http://schema.org/ViewAction">
  <link itemprop="url" href="https://github.com/kamailio/kamailio/pull/842#issuecomment-258091140"></link>
  <meta itemprop="name" content="View Pull Request"></meta>
</div>
<meta itemprop="description" content="View this Pull Request on GitHub"></meta>
</div>

<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/kamailio/kamailio","title":"kamailio/kamailio","subtitle":"GitHub repository","main_image_url":"https://cloud.githubusercontent.com/assets/143418/17495839/a5054eac-5d88-11e6-95fc-7290892c7bb5.png","avatar_image_url":"https://cloud.githubusercontent.com/assets/143418/15842166/7c72db34-2c0b-11e6-9aed-b52498112777.png","action":{"name":"Open in GitHub","url":"https://github.com/kamailio/kamailio"}},"updates":{"snippets":[{"icon":"PERSON","message":"@sergey-vb in #842: It is interesting but not easy solution.\r\n\r\nBecause tls_lookup_cfg accepting only one ip and port...\r\n\r\nAnother solution can be in [MANAGE_BRANCH] route add next check condition:\r\n\r\n```\r\nif ($rP == \"TLS\") {\r\n     $xavp(tls=\u003eserver_name) = $rd + \":\" + $rp;\r\n     $xavp(tls=\u003eserver_id) = $rd + \":\" + $rp;\r\n}\r\n```\r\n\r\nand in tls.cfg:\r\n\r\n```\r\n[client:10.1.23.19:5061]\r\nverify_certificate = yes\r\nca_list = /etc/kamailio/CAs/ca1.pem\r\nprivate_key = /etc/kamailio/CAs/client1.key\r\nserver_name = 10.1.23.19:5061\r\nserver_id = 10.1.23.19:5061\r\n```\r\nIt works too.\r\n\r\nAfter location check i have ruri like 9098@10.1.23.19:5061;transport=TLS\r\n\r\nMay bee this is the simplest solution..."}],"action":{"name":"View Pull Request","url":"https://github.com/kamailio/kamailio/pull/842#issuecomment-258091140"}}}</script>