[Freeswitch-users] Freeswitch TLS and Yealink t26p
Mario G
mario_fs at mgtech.com
Thu Jan 17 01:57:18 MSK 2013
I actually got back responses to wishlist and questions in 1-3 days at http://forum.yealink.com/forum/
Mario G
On Jan 16, 2013, at 7:40 AM, Emrah wrote:
> Sorry to hijack the thread, but where do you report bugs / feature requests?
> I haven't been able to reach any knowledgeable person via their support email.
>
> Cheers and thank you
> On Jan 16, 2013, at 7:18 AM, Antonio Silva <asilva at wirelessmundi.com> wrote:
>
>> Hi,
>>
>> Nice to now.
>> I didn't have this problem, i could upload a custom certificate and with the option "Only Accept Trusted Certificates" to enabled.
>>
>> I had another issue with ldap navigation, i report to them, they were quite fast to reply, and there is a new firmware 6.70.0.120 that solves the problem.
>>
>> Best regards,
>>
>> António Silva
>>
>>
>> On Wed, 2013-01-02 at 10:56 -0800, William King wrote:
>>> Another thing to be aware of is that there is an outstanding bug where
>>> Yealinks are not able to load certain custom CA's because the time on
>>> the phone is not being synced to NTP before the CA is validated and loaded.
>>>
>>> Once you changed the transport have you run into any new issues?
>>>
>>> William King
>>> Senior Engineer
>>> Quentus Technologies, INC
>>> 1037 NE 65th St Suite 273
>>> Seattle, WA 98115
>>> Main: (877) 211-9337
>>> Office: (206) 388-4772
>>> Cell: (253) 686-5518
>>>
>>> william.king at quentustech.com
>>>
>>>
>>> On 12/21/2012 03:54 AM, Antonio wrote:
>>>> Answer to myself....
>>>>
>>>> In the yealink configuration, in the account parameters, the "transport"
>>>> must be force to TLS.
>>>>
>>>> I don't know why it just works.... Before i was using DNS-SRV, that
>>>> should be the first option, yealink should have some issue here... i
>>>> will report to them.
>>>>
>>>>
>>>> Thanks,
>>>> António
>>>>
>>>> On Fri, 2012-12-21 at 10:35 +0100, Antonio wrote:
>>>>> Hi,
>>>>>
>>>>> I'm trying to register a yealink with TLS, using my one certificates.
>>>>>
>>>>> I follow the wiki and In fs i have both agent.pem and cafile.pem . I
>>>>> install in the phone the root certificate.
>>>>>
>>>>> But when i try to register, i have (tport log):
>>>>>
>>>>>
>>>>> tport.c:3186 tport_recv_iovec() tport_recv_iovec(0x808fb0) msg
>>>>> 0x7fe9d0aa8180 from (udp/192.168.10.1:5060) has 340 bytes, veclen = 1
>>>>> tport.c:3004 tport_deliver() tport_deliver(0x808fb0): msg
>>>>> 0x7fe9d0aa8180 (340 bytes) from udp/192.168.10.23:5060/sip next=(nil)
>>>>> tport.c:4202 tport_release() tport_release(0x808fb0): 0x7fe9d01142f0
>>>>> by 0x7fe9d025d920 with 0x7fe9d0aa8180
>>>>> tport.c:2730 tport_wakeup_pri() tport_wakeup_pri(0x7fe9c802aad0):
>>>>> events IN
>>>>> tport.c:869 tport_alloc_secondary()
>>>>> tport_alloc_secondary(0x7fe9c802aad0): new secondary tport 0x7fe9c03e8450
>>>>> tport_type_tls.c:603 tport_tls_accept()
>>>>> tport_tls_accept(0x7fe9c03e8450): new connection from
>>>>> tls/192.168.10.36:48754/sips
>>>>> tport_tls.c:869 tls_connect() tls_connect(0x7fe9c03e8450): events
>>>>> NEGOTIATING
>>>>> tport_tls.c:869 tls_connect() tls_connect(0x7fe9c03e8450): events
>>>>> NEGOTIATING
>>>>> tport_tls.c:526 tls_post_connection_check()
>>>>> tls_post_connection_check(0x7fe9c03e8450): Peer did not provide X.509
>>>>> Certificate.
>>>>>
>>>>>
>>>>>
>>>>> I could make it work and have a register in the tls profile when i
>>>>> check on the phone the option in Security->Trusted Certificates: "Only
>>>>> Accept Trusted Certificates: DISABLED".
>>>>> Could it be some bug in the yealink, or I’m missing something in the
>>>>> conf...
>>>>>
>>>>> Another question, is there any problem if i choose to use this
>>>>> configuration... since is the phone that ignores the certificate and
>>>>> the validation is done by the server and not by the client.
>>>>>
>>>>> Can you help me?
>>>>>
>>>>> Thanks,
>>>>> António
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>>
>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org
>>>>
>>>>>
>>> http://www.freeswitchsolutions.com
>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>>
>>> http://www.freeswitch.org
>>>
>>>>>
>>> http://wiki.freeswitch.org
>>>
>>>>>
>>> http://www.cluecon.com
>>>
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>>
>>> FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org
>>>>
>>>>>
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>
>>>>> UNSUBSCRIBE:
>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>
>>>>>
>>> http://www.freeswitch.org
>>>
>>>>
>>>> --
>>>>
>>>> Un cordial saludo / Best regards,
>>>>
>>>> _________________________
>>>>
>>>> António Silva
>>>>
>>>> E-mail:
>>> asilva at wirelessmundi.com <mailto:asilva at wirelessmundi.com
>>>>
>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>>
>>> consulting at freeswitch.org
>>>
>>>>
>>> http://www.freeswitchsolutions.com
>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>>
>>>> Official FreeSWITCH Sites
>>>>
>>> http://www.freeswitch.org
>>>
>>>>
>>> http://wiki.freeswitch.org
>>>
>>>>
>>> http://www.cluecon.com
>>>
>>>>
>>>> FreeSWITCH-users mailing list
>>>>
>>> FreeSWITCH-users at lists.freeswitch.org
>>>
>>>>
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>
>>>> UNSUBSCRIBE:
>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>
>>>>
>>> http://www.freeswitch.org
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>>
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Official FreeSWITCH Sites
>>>
>>> http://www.freeswitch.org
>>> http://wiki.freeswitch.org
>>> http://www.cluecon.com
>>>
>>>
>>> FreeSWITCH-users mailing list
>>>
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>
>>> UNSUBSCRIBE:
>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list