[Freeswitch-users] FS with SSL/TLS issues!

Yehavi Bourvine yehavi.bourvine at gmail.com
Wed Feb 20 19:02:31 MSK 2013


Hi,

  As a first attempt try setting the organization name and the pbx name to
be the same: The fully qualified DNS name of the FreeSwitch server (name,
not dotted IP). Then, set the phones to register to the name and not the
IP. I know that with Polycom you must use names.

Try catching this connection with wireshark - maybe it will tell you some
more details.

                     __Yehavi:


2013/2/20 mehroz <mehroz.ashraf85 at gmail.com>

> Hi,
>
> it seems like i am unable to get it done. Here is what i have done
>
> 1. created CA (Root) certificates:
> ./gentls_cert setup -cn pbx.freeswitch.org -alt DNS:pbx.freeswitch.org-org
> freeswitch.org
>
> 2. created Server Certificate:
> ./gentls_cert create_server -cn pbx.freeswitch.org -alt
> DNS:pbx.freeswitch.org -org freeswitch.org
>
> *I replaced pbx.freeswitch.org and freeswitch.org with my FS IP address in
> which i am listening.*
>
> 3. Enabled /internal_ssl_enable=true/  and/ ip_tls_version=tlsv1/ in
> vars.xml .
>
> 4. When i try to Register 3CX on TLS over port 5061, all i see is :
> tport_tls.c:869 tls_connect() tls_connect(0x7fbd94e7a5e0): events
> NEGOTIATING
> tport_tls.c:869 tls_connect() tls_connect(0x7fbd94e7a5e0): events
> NEGOTIATING
> tport_tls.c:958 tls_connect() tls_connect(0x7fbd94e7a5e0): TLS setup failed
> (error:00000001:lib(0):func(0):reason(1))
> tport.c:2084 tport_close() tport_close(0x7fbd94e7a5e0):
> tls/59.103.76.82:56863/sips
> tport.c:2730 tport_wakeup_pri() tport_wakeup_pri(0x7fbd94005090): events IN
> tport.c:869 tport_alloc_secondary() tport_alloc_secondary(0x7fbd94005090):
> new secondary tport 0x7fbd94f53c70
> tport_type_tls.c:603 tport_tls_accept() tport_tls_accept(0x7fbd94f53c70):
> new connection from tls/59.103.76.82:56864/sips.
>
>
>
> PLease help!!
>
>
>
> --
> View this message in context:
> http://freeswitch-users.2379917.n2.nabble.com/FS-with-SSL-TLS-issues-tp7587736.html
> Sent from the freeswitch-users mailing list archive at Nabble.com.
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130220/0c76c718/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list