[Freeswitch-users] Freeswitch + TLS with a commercial certificate
Iskren Hadzhinedev
iskren.hadzhinedev at ikiji.com
Tue Jan 7 19:46:01 MSK 2014
Hello.
I've attached the tport log.
This is the output from a single attempt to connect to freeswitch with TLS enabled.
Thank you,
--
Iskren Hadzhinedev
System Administrator
The Idea Factory | 20 Mearns Street | Aberdeen | AB11 5AT | UK
T: 01224 607500
VAT Reg No: 982 4936 74. Company registered in Scotland, SC237116
On Friday 03 January 2014 09:53:14 Muhammad Abdullah wrote:
> hi , enable tport log on freeswith and post these log ...
>
>
>
>
> On Thu, Jan 2, 2014 at 11:23 PM, Iskren Hadzhinedev <
>
> iskren.hadzhinedev at ikiji.com> wrote:
> > Greetings.
> >
> > I'm unable to setup TLS and SRTP. I have a valid certificate from
> > GlobalSign and my setup is currently the following:
> >
> > My certificate and key (merged with cat keyfile certfile > agent.pem) in
> > /opt/freeswitch/conf/ssl/agent.pem
> >
> > The GlobalSign root certificate is in /opt/freeswitch/conf/ssl/cafile.pem
> >
> >
> >
> > I edited vars.xml as instructed from
> > http://wiki.freeswitch.org/wiki/SIP_TLS#Configuration
> >
> > I tried running with tlsv1 and sslv23 in vars.xml, verified that FS is
> > listening on ports 5061 and 5081 with netstat -nltp | grep freeswitch
> >
> > Also I get TLS listeners with "sofia status" so it should be working.
> > Connecting to ports 5061 and 5081 with openssl s_client connect
> > freeswitch.lan:<port> is successful,
> >
> > but I get a 'Verify return code: 21 (unable to verify the first
> > certificate)'. Running nginx with the agent.pem as a certificate is
> > working
> > without any issues.
> >
> > When I try to connect to Freeswitch via TLS with Bria and Linphone 3.6.1 I
> > get errors 408 or 503 and I don't see any output into the freeswitch
> > console where I enabled sofia siptrace globally.
> >
> >
> >
> > What is the correct way to setup Freeswitch with a commercial certificate
> > in order to enable TLS and SRTP ?
> >
> > Thank you!
> >
> >
> >
> > Kind regards,
> >
> > --
> >
> > Iskren Hadzhinedev
> >
> > System Administrator
> >
> >
> >
> > The Idea Factory | 20 Mearns Street | Aberdeen | AB11 5AT | UK
> >
> > T: 01224 607500
> >
> > VAT Reg No: 982 4936 74. Company registered in Scotland, SC237116
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting at freeswitch.org
> > http://www.freeswitchsolutions.com
> >
> >
> >
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://wiki.freeswitch.org
> > http://www.cluecon.com
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140107/260386a6/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 4641 bytes
Desc: not available
Url : http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140107/260386a6/attachment-0001.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tport.log.zip
Type: application/zip
Size: 588 bytes
Desc: not available
Url : http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140107/260386a6/attachment-0001.zip
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users
mailing list