<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
if you installed tls module, then be sure you have the next line
after the first line of kamailio.cfg:<br>
<br>
#!define WITH_TLS<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<div class="moz-cite-prefix">On 21/04/14 13:20, Yoann Gini wrote:<br>
</div>
<blockquote
cite="mid:F0F1DD6D-8480-4AD9-AB78-48053C0500C3@gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Hello,
<div><br>
</div>
<div>It’s my first message here so here is a little introduction
about me.</div>
<div><br>
</div>
<div>I’m Yoann gini, a french system administrator specialized in
Apple product for enterprise. I also manage some other UNIX
sever (essentially BSD based) and some windows when customers
pay me a lot…</div>
<div><br>
</div>
<div>I’m trying to install Kamailio on by personal FreeBSD 10
server. My intend is discover products functionalities and see
what can be done whit it. Maybe I can made a package for OS X
Server and deploy it along with e-mail and xmpp services when my
customers need efficient communication system.</div>
<div><br>
</div>
<div>So, at this time, I’m playing with various options and I’ve
some problems.</div>
<div><br>
</div>
<div>The one who lead me here concern TLS module.</div>
<div><br>
</div>
<div>I’m unable to start the service with TLS module enabled,
digging into the debug log, I’ve catch those lines:</div>
<div><br>
</div>
<div> 0(35943) DEBUG: <core> [cfg.y:1635]: yyparse():
loading module tls.so<br>
0(35943) DEBUG: <core> [sr_module.c:591]:
load_module(): load_module: trying to
load </usr/local/lib64/kamailio/modules/tls.so><br>
0(35943) INFO: tls [tls_init.c:385]: init_tls_compression():
tls: init_tls: disabling compression...<br>
0(35943) ERROR: <core>
[modparam.c:163]: set_mod_param_regex(): set_mod_param_regex: No
module matching <tls> found<br>
<br>
</div>
<div><br>
</div>
<div>It seems that the module is loaded, but impossible to
configure…</div>
<div><br>
</div>
<div>Here is the output of grep -i tls kamailio.cfg</div>
<div><br>
</div>
<div>### #!define WITH_TLS<br>
# *** To enable TLS support execute:<br>
# - adjust CFGDIR/tls.cfg as needed<br>
# - define WITH_TLS<br>
#!ifdef WITH_TLS<br>
listen=tls:<ipv4>:5061<br>
listen=tls:<ipv6>:5061<br>
enable_tls=yes<br>
#!ifdef WITH_TLS<br>
loadmodule "tls.so"<br>
#!ifdef WITH_TLS<br>
# ----- tls params -----<br>
modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")<br>
<br>
</div>
<div><br>
</div>
<div>And the content of /usr/local/etc/kamailio/tls.cfg</div>
<div><br>
</div>
<div>[server:default]<br>
method = TLSv1<br>
verify_certificate = yes<br>
require_certificate = no<br>
private_key = /etc/ssl/keys/my_real_ssl_cert.key<br>
certificate = /etc/ssl/certs/my_real_ssl_cert.crt<br>
ca_list = /etc/ssl/cert.pem<br>
#crl = /usr/local/etc/kamailio/crl.pem<br>
<br>
[client:default]<br>
verify_certificate = no<br>
require_certificate = no</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>After some search, I’ve found this message on the list <a
moz-do-not-send="true"
href="http://lists.sip-router.org/pipermail/sr-users/2013-August/079439.html">http://lists.sip-router.org/pipermail/sr-users/2013-August/079439.html</a></div>
<div><br>
</div>
<div>It seems that a bug on OpenSSL side cause some trouble with
TLS module…</div>
<div><br>
</div>
<div>Is it still true ? How do you manage your TLS configuration ?</div>
<div><br>
</div>
<div>I’m using OpenSSL 1.0.1g with kamailio 4.1.2.</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Best regards,</div>
<div>Yoann.</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla - <a class="moz-txt-link-freetext" href="http://www.asipto.com">http://www.asipto.com</a>
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a></pre>
</body>
</html>