[Freeswitch-users] SRTP-Support

Alois Komenda alois.komenda at esk.fraunhofer.de
Wed Jan 16 11:07:18 EST 2008


 
> Just generate your certs.. and set the tls to true in the config....  
> thats all you ahve to do.

I set up a new FS and did as you told me.
But the error is still there. What can I do?

--
Alois Komenda
Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK







-----Ursprüngliche Nachricht-----
Von: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] Im Auftrag von Brian West
Gesendet: Mittwoch, 16. Januar 2008 13:51
An: freeswitch-users at lists.freeswitch.org
Betreff: Re: [Freeswitch-users] SRTP-Support

Just generate your certs.. and set the tls to true in the config....  
thats all you ahve to do.

/b

On Jan 16, 2008, at 3:47 AM, Alois Komenda wrote:

>
> Hello,
>
> I get this error when starting FS with TLS enabled:
>
> 2008-01-16 10:32:41 [DEBUG] sofia.c:464 sofia_profile_thread_run() Set 
> params for default
> 2008-01-16 10:32:41 [DEBUG] sofia.c:486 sofia_profile_thread_run() 
> activated db for default
> 2008-01-16 10:32:41 [DEBUG] sofia.c:516 sofia_profile_thread_run() 
> Starting thread for default
> nta: bind(192.168.0.21:5061;transport=tls): Protocol not supported
> nua: initializing SIP stack failed
> 2008-01-16 10:32:41 [ERR] sofia.c:434 sofia_profile_thread_run() Error 
> Creating SIP UA for profile: 192.168.0.21
>
> I tried with transport=tcp and without any transport setting. The 
> result is always this error message (with the respective protocol).
>
> What's wrong here?
>
> --
> Alois Komenda
> Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK
>
>
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: freeswitch-users-bounces at lists.freeswitch.org 
> [mailto:freeswitch-users-bounces at lists.freeswitch.org
> ] Im Auftrag von Brian West
> Gesendet: Dienstag, 15. Januar 2008 15:59
> An: freeswitch-users at lists.freeswitch.org
> Betreff: Re: [Freeswitch-users] SRTP-Support
>
> Their has been a script added to SVN for this purpose its gentls_cert 
> in scripts.  And should allow you to create your CA and various files 
> required for sofia's TLS ... BTW TCP is required on all SIP ua's no 
> matter if its TLS or not.  Anything that doesn't do TCP is violating 
> the spec because it says TCP and UDP are a MUST.  ;)
>
> /b
>
> On Jan 15, 2008, at 1:36 AM, Alois Komenda wrote:
>
>> How do I set up TLS?
>> Do I have to enable TCP to get it working?
>> Can I use it without certificates? Are the names agent.pem and 
>> cafile.pem (as mentioned in the comments in sofia config files) 
>> mandatory?
>> What is the assumed content of this files? (agent.pem = private key; 
>> cafile.pem = certificate?)
>>
>> Is there any documentation that could answer this questions?
>> Searching for "tls" or "ssl" or "sips" in the wiki did not bring any 
>> results.
>>
>> Thanks a lot in advance!
>>
>> --
>> Alois Komenda
>> Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK
>>
>>
>>
>> Von: freeswitch-users-bounces at lists.freeswitch.org
>> [mailto:freeswitch-users-bounces at lists.freeswitch.org
>> ] Im Auftrag von Michael Jerris
>> Gesendet: Freitag, 11. Januar 2008 15:39
>> An: freeswitch-users at lists.freeswitch.org
>> Betreff: Re: [Freeswitch-users] SRTP-Support
>>
>> We don't currently have the support integrated into mod_sofia.  That 
>> being said, we just got TLS support running, and I believe that 
>> someone was working on integrating the SRTP key negotiation.
>>
>> Mike
>>
>> On Jan 11, 2008, at 7:24 AM, Alois Komenda wrote:
>>
>>> Hello,
>>>
>>> my question is: does FreeSWITCH support SRTP? I guess yes, because 
>>> libsrtp is in the dependency list.
>>> But how do I configure FS to use SRTP? I did not find any hints in 
>>> the documentation.
>>>
>>> Best Regards
>>> --
>>> Alois Komenda
>>> Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK
>>>
>>>
>>> _______________________________________________
>>> Freeswitch-users mailing list
>>> Freeswitch-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-
>>> us
>>> ers
>>> http://www.freeswitch.org
>>
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-
>> use
>> rs
>> http://www.freeswitch.org
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-use
> rs
> http://www.freeswitch.org
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-use
> rs
> http://www.freeswitch.org


_______________________________________________
Freeswitch-users mailing list
Freeswitch-users at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org



More information about the Freeswitch-users mailing list