[SR-Users] TLS problems
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Jan 25 09:59:10 CET 2010
Is this proxy->phone or phone->proxy?
klaus
Andreas Rehbein schrieb:
> Hi Klaus,
>
> this are the ssldump results:
>
> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> New TCP connection #1: 192.168.0.222(1619) <-> 192.168.0.89(5061)
> 1 1 0.2578 (0.2578) C>S Handshake
> ClientHello
> Version 3.1
> cipher suites
> TLS_RSA_WITH_RC4_128_MD5
> TLS_RSA_WITH_RC4_128_SHA
> TLS_RSA_WITH_NULL_MD5
> TLS_RSA_WITH_NULL_SHA
> TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
> TLS_DH_anon_WITH_RC4_128_MD5
> TLS_RSA_WITH_DES_CBC_SHA
> TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
> TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
> TLS_DH_anon_WITH_DES_CBC_SHA
> compression methods
> NULL
> 1 0.4212 (0.1633) S>C TCP FIN
> 1 0.4225 (0.0013) C>S TCP FIN
>
> Seems like snom doesn't offer compression methods...
>
> regards
> Andreas
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
> Gesendet: Freitag, 22. Januar 2010 16:07
> An: Andreas Rehbein
> Cc: sr-users at lists.sip-router.org
> Betreff: Re: AW: AW: AW: AW: [SR-Users] TLS problems
>
> I managed to have SNOM 320 registering at kamailio-3.0 via TLS. But I do
> not have any crashes (openssl 0.9.8g-15+lenny6).
>
> Andreas, when does the crash happen exactly: during TLS handshake or
> afterwards (you can for example use "ssldump port 5061" to debug the TLS
> connection)?
>
> regards
> klaus
>
> Andreas Rehbein schrieb:
>> Hi Klaus,
>>
>> until now (OpenSER 1.3.x without client verification) it was not necessary
>> to import certs into snom.
>> To force the snom to send Messages via tls, you need to insert something
>> like "192.168.0.89:5061;transport=tls" in the outbound proxy field (but
> I'm
>> sure you already knew)
>>
>> regards
>> Andreas
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Klaus Darilion [mailto:klaus.mailinglists at pernau.at]
>> Gesendet: Freitag, 22. Januar 2010 13:17
>> An: Andreas Rehbein
>> Cc: sr-users at lists.sip-router.org
>> Betreff: Re: AW: AW: AW: [SR-Users] TLS problems
>>
>>
>>
>> Andreas Rehbein schrieb:
>>> Hello Klaus,
>>>
>>> Linux: Red Hat Enterprise Linux 5; Kernel: 2.6.18-92.1.10.el5
>>> OpenSSL: OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
>> Hi Andreas!
>>
>> I fail to configure SNOM to accept the certificate. I imported the CA
>> cert as trusted certificates, but TLS handshake is not successful. Is
>> there something else I need to take care of?
>>
>> I'm quite sure my certificates are OK as it works with eyebeam and
> QjSimple.
>> regards
>> Klaus
>>
>
More information about the sr-users
mailing list