<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><br><div><div>On 16 Feb 2014, at 03:22, <a href="mailto:info@vintageelectronics.ca">info@vintageelectronics.ca</a> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
<div text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">I was going by this tutorial - it said
that default certs should suffice:
<a class="moz-txt-link-freetext" href="http://kb.asipto.com/kamailio:skype-like-service-in-less-than-one-hour">http://kb.asipto.com/kamailio:skype-like-service-in-less-than-one-hour</a><br>
<br>
<br>
On 02/15/2014 07:34 PM, Corey Edwards wrote:<br>
</div>
<blockquote cite="mid:CAF=+x3SpqPfqXkv+E6LFiaEJkaM-8DLn8OGoVgsso9aXzdbcPw@mail.gmail.com" type="cite">
<div dir="ltr"><br>
<div class="gmail_extra">
<div class="gmail_quote">On Fri, Feb 14, 2014 at 7:35 PM, <span dir="ltr"><<a moz-do-not-send="true" href="mailto:info@vintageelectronics.ca" target="_blank">info@vintageelectronics.ca</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>Testing in the same box for now with the goal to at
least get it working within one machine.<br>
Do you mean that TLS will not work with the cert/key
shipped with kamailio?<br>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>I've never tried. A default key would not be very
secure, but if you have a valid certificate and key it
should work.<br>
</div>
<div> </div></div></div></div></blockquote></div></blockquote><br></div><div>The default certificates are self-signed. A client may not recognize these as trustworthy, policy may claim that only certificates signed by a well-known CA that the client has root certificates for is trusted, so the TLS connection will not be completed.</div><div><br></div><div>If the client sets up a TLS connection anyway, that's fine. There will be encryption, but no authentication. The client should not show any lock in this case or in any way indicate a "secure" connection to the server. The connection should not be trusted for exchange of media encryption keys or any other confidential data.</div><div><br></div><div>/O</div><br><div apple-content-edited="true">
<span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; border-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>--</div><div><div style=" ">* Olle E. Johansson - <a href="mailto:oej@edvina.net">oej@edvina.net</a><br>* Kamailio & SIP Masterclass Miami FL, Oxford UK and Malaga, Spain this spring!</div><div style=" ">* <a href="http://edvina.net/training/">http://edvina.net/training/</a></div></div><div><br class="khtml-block-placeholder"></div></div></div></div></span><br class="Apple-interchange-newline"><br class="Apple-interchange-newline">
</div>
<br></body></html>