Thanks a lot Steffen. Adding the new listen = udp:<a href="http://10.30.100.41:5060">10.30.100.41:5060</a> indeed worked. How can I check the TLS handshake using openssl at the server? Thanks a lot..<br><br>
<div><span class="gmail_quote">On 12/28/06, <b class="gmail_sendername">Steffen Witt</b> &lt;<a href="mailto:witt.steffen@googlemail.com">witt.steffen@googlemail.com</a>&gt; wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Hello again,<br><br>maybe you should add the following line to test your non-TLS UAs:<br><br>disable_tls = 0
<br>listen = udp:<a href="http://10.30.100.41:5060">10.30.100.41:5060</a>&nbsp;&nbsp; &lt;---<br>listen = tls:<a href="http://10.30.100.41:5061">10.30.100.41:5061</a><br><br><br>You can check your TLS handshake by simulating your server with openssl.
<br><br><br>Please have a look at the following link that describes the TLS support:<br><br><a href="http://www.openser.org/docs/tls.html">http://www.openser.org/docs/tls.html</a><br><br><br>Best regards,<br>Steffen<br><br>
<br><br><br>2006/12/28, Ncheeku Baranov &lt;<a href="mailto:opensersubscribe@gmail.com">opensersubscribe@gmail.com</a>&gt;:<br>&gt; Hi,<br>&gt;<br>&gt; I am trying to make my non-TLS/TLS UA register with my TLS enabled openSER.
<br>&gt; Currently I am just working on my local machine with the client UAs on the<br>&gt; same subnet,(so there is only one domain, but its not named). Below is my<br>&gt; configuration file:<br>&gt;<br>&gt; disable_tls = 0
<br>&gt; listen = tls:<a href="http://10.30.100.41:5061">10.30.100.41:5061</a><br>&gt; tls_verify_server = 1<br>&gt; tls_verify_client = 0<br>&gt; tls_require_client_certificate = 0<br>&gt; tls_method = TLSv1<br>&gt; tls_certificate = &quot;/usr/local/etc/openser/tls/user/user-
<br>&gt; cert.pem&quot;<br>&gt; tls_private_key =&nbsp;&nbsp;&quot;/usr/local/etc/openser/tls/user/user-<br>&gt; privkey.pem&quot;<br>&gt; tls_ca_list =<br>&gt; &quot;usr/local/etc/openser/tls/user/user-calist.pem&quot;<br>&gt;<br>
&gt; However, with the above configuration the client UAs couldnot register and I<br>&gt; got 408 Request Time out Message. Is there any field that is missing to make<br>&gt; this simple scenario work? What should be the values of &quot;tls_client_domain&quot;
<br>&gt; and &quot;tls_server_domain&quot; fields in this case?<br>&gt;<br>&gt; I noticed that when I start the openSER without TLS support using<br>&gt; &quot;openserctl start&quot; and do &quot;ps -e&quot; after that, there are more openSER
<br>&gt; processes running than if I start openSER with TLS support in which case I<br>&gt; see very few of these processes running.<br>&gt;<br>&gt; Your help is much appreciated....<br>&gt;<br>&gt; Best regards,<br>&gt; NCheeku
<br>&gt;<br>&gt; _______________________________________________<br>&gt; Users mailing list<br>&gt; <a href="mailto:Users@openser.org">Users@openser.org</a><br>&gt; <a href="http://openser.org/cgi-bin/mailman/listinfo/users">
http://openser.org/cgi-bin/mailman/listinfo/users</a><br>&gt;<br>&gt;<br>&gt;<br></blockquote></div><br>