Antonio,<br><br>It looks like we have a number of phones listed here:<br><br><a href="http://wiki.freeswitch.org/wiki/Tls#SIP_TLS_Device_Interoperability">http://wiki.freeswitch.org/wiki/Tls#SIP_TLS_Device_Interoperability</a><br>
<br>However, Yealink is not among them. I've created a spot for Yealinks here:<br><br><a href="http://wiki.freeswitch.org/wiki/Interop_List#Yealink_TLS_Configuration">http://wiki.freeswitch.org/wiki/Interop_List#Yealink_TLS_Configuration</a><br>
<br>Could you put what you've learned into that spot on the wiki?<br><br>Thanks!<br>-MC<br><br><br><div class="gmail_quote">On Fri, Dec 21, 2012 at 3:54 AM, Antonio <span dir="ltr"><<a href="mailto:asilva@wirelessmundi.com" target="_blank">asilva@wirelessmundi.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><u></u>
<div>
Answer to myself....<br>
<br>
In the yealink configuration, in the account parameters, the "transport" must be force to TLS. <br>
<br>
I don't know why it just works.... Before i was using DNS-SRV, that should be the first option, yealink should have some issue here... i will report to them.<br>
<br>
<br>
Thanks,<br>
António<div><div class="h5"><br>
<br>
On Fri, 2012-12-21 at 10:35 +0100, Antonio wrote:<br>
</div></div><blockquote type="CITE"><div><div class="h5">
Hi,<br>
<br>
I'm trying to register a yealink with TLS, using my one certificates.<br>
<br>
I follow the wiki and In fs i have both agent.pem and cafile.pem . I install in the phone the root certificate.<br>
<br>
But when i try to register, i have (tport log):<br>
<br>
<br>
tport.c:3186 tport_recv_iovec() tport_recv_iovec(0x808fb0) msg 0x7fe9d0aa8180 from (udp/<a href="http://192.168.10.1:5060" target="_blank">192.168.10.1:5060</a>) has 340 bytes, veclen = 1<br>
tport.c:3004 tport_deliver() tport_deliver(0x808fb0): msg 0x7fe9d0aa8180 (340 bytes) from udp/<a href="http://192.168.10.23:5060/sip" target="_blank">192.168.10.23:5060/sip</a> next=(nil)<br>
tport.c:4202 tport_release() tport_release(0x808fb0): 0x7fe9d01142f0 by 0x7fe9d025d920 with 0x7fe9d0aa8180<br>
tport.c:2730 tport_wakeup_pri() tport_wakeup_pri(0x7fe9c802aad0): events IN<br>
tport.c:869 tport_alloc_secondary() tport_alloc_secondary(0x7fe9c802aad0): new secondary tport 0x7fe9c03e8450<br>
tport_type_tls.c:603 tport_tls_accept() tport_tls_accept(0x7fe9c03e8450): new connection from tls/<a href="http://192.168.10.36:48754/sips" target="_blank">192.168.10.36:48754/sips</a><br>
tport_tls.c:869 tls_connect() tls_connect(0x7fe9c03e8450): events NEGOTIATING<br>
tport_tls.c:869 tls_connect() tls_connect(0x7fe9c03e8450): events NEGOTIATING<br>
tport_tls.c:526 tls_post_connection_check() tls_post_connection_check(0x7fe9c03e8450): Peer did not provide X.509 Certificate.<br>
<br>
<br>
<br>
I could make it work and have a register in the tls profile when i check on the phone the option in Security->Trusted Certificates: "Only Accept Trusted Certificates: DISABLED".<br>
Could it be some bug in the yealink, or I’m missing something in the conf...<br>
<br>
Another question, is there any problem if i choose to use this configuration... since is the phone that ignores the certificate and the validation is done by the server and not by the client. <br>
<br>
Can you help me?<br>
<br>
Thanks,<br>
António
</div></div><pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><span class="HOEnZb"><font color="#888888">
</font></span></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr>
<td>
<pre>--
Un cordial saludo / Best regards,
_________________________
António Silva
E-mail:<a href="mailto:asilva@wirelessmundi.com" target="_blank">asilva@wirelessmundi.com</a>
</pre>
</td>
</tr>
</tbody></table>
</font></span></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Michael S Collins<br>Twitter: @mercutioviz<br><a href="http://www.FreeSWITCH.org" target="_blank">http://www.FreeSWITCH.org</a><br><a href="http://www.ClueCon.com" target="_blank">http://www.ClueCon.com</a><br>
<a href="http://www.OSTAG.org" target="_blank">http://www.OSTAG.org</a><br><br><br>