[Freeswitch-users] TLS and 5061 doesn't seem to work
Michael Nielsen
mic.niel84 at gmail.com
Tue Sep 15 00:21:42 MSD 2015
none, but I've also tried with in.
On Monday, September 14, 2015, Ítalo Rossi <italo at freeswitch.org> wrote:
> What you have in your tls-verify-policy ?
>
> Check the valid values here:
> https://freeswitch.org/confluence/display/FREESWITCH/Sofia+Configuration+Files#SofiaConfigurationFiles-Settings
>
> On Mon, Sep 14, 2015 at 10:23 AM, Michael Nielsen <mic.niel84 at gmail.com
> <javascript:_e(%7B%7D,'cvml','mic.niel84 at gmail.com');>> wrote:
>
>> When doing so I get the following error in fs_cli:
>>
>> 2015-09-14 08:23:24.120749 [ERR] sofia_glue.c:329 Invalid
>> tls-verify-policy value: none
>>
>> 2015-09-14 08:23:24.160528 [ERR] sofia.c:2935 Error Creating SIP UA for
>> profile: internal-ipv6 (sip:mod_sofia@[::1]:5060;transport=udp,tcp)
>> ATTEMPT 1 (RETRY IN 5 SEC)
>>
>> 2015-09-14 08:23:24.180781 [ERR] sofia.c:2935 Error Creating SIP UA for
>> profile: internal (sip:mod_sofia at 159.122.89.10:5060;transport=udp,tcp)
>> ATTEMPT 1 (RETRY IN 5 SEC)
>>
>> And then sofia status only shows port 5080 running...
>>
>> On Mon, Sep 14, 2015 at 9:01 AM, Michael Nielsen <mic.niel84 at gmail.com
>> <javascript:_e(%7B%7D,'cvml','mic.niel84 at gmail.com');>> wrote:
>>
>>> I'm running this clean installation of FS:
>>> https://github.com/voxserv/freeswitch_conf_minimal
>>>
>>> Everything seems to work and I would now like to add TLS and SRTP
>>> encryption - for use on public WiFi and such.
>>>
>>> I've tried the following from this
>>> http://wiki.freeswitch.org/wiki/SIP_TLS#TLS.2C_SSL_and_SRTP_Encryption:
>>>
>>> ./gentls_cert setup -cn pbx.freeswitch.org -alt DNS:pbx.freeswitch.org -org freeswitch.org
>>> ./gentls_cert create_server -cn pbx.freeswitch.org -alt DNS:pbx.freeswitch.org -org freeswitch.org
>>>
>>> And in vars.xml:
>>>
>>> <X-PRE-PROCESS cmd="set" data="sip_tls_version=sslv23"/>
>>> <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=true"/>
>>>
>>> Of course with my own domain when generating certificates.
>>>
>>> Restarting FS and trying to connect to 5061 over TLS doesn't work.
>>> Looking in fs_cli with debug 7 doesn't output anything when the client
>>> tries to connect.
>>>
>>> How to debug or does anyone know what's wrong? My certificates are
>>> generated automatically in /usr/conf/ssl.
>>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> <javascript:_e(%7B%7D,'cvml','consulting at freeswitch.org');>
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> <javascript:_e(%7B%7D,'cvml','FreeSWITCH-users at lists.freeswitch.org');>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
> Ítalo Rossi
> italo at freeswitch.org
> <javascript:_e(%7B%7D,'cvml','italo at freeswitch.org');>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150914/14183422/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list