<div dir="ltr"><div style="font-family:arial,sans-serif;font-size:13px">Do you mean to say that the UAC need only send to "sip:<ip>:<tls_port>;transport=tcp" and not to "sips"?</div><div style="font-family:arial,sans-serif;font-size:13px">
<br></div><div style="font-family:arial,sans-serif;font-size:13px">I tried tweaking the parameters you mentioned in several different ways, but the contact address from the UAS always comes with "transport=udp". Is this my problem? </div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Mar 25, 2014 at 10:22 AM, Michael Jerris <span dir="ltr"><<a href="mailto:mike@jerris.com" target="_blank">mike@jerris.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">sips: should not make a difference, however.. take a look at bind-params and tls-bind-params<div>
<br></div><div><a href="https://wiki.freeswitch.org/wiki/Sofia.conf.xml" target="_blank">https://wiki.freeswitch.org/wiki/Sofia.conf.xml</a></div><div><br><div><div><div class="h5"><div>On Mar 25, 2014, at 1:15 PM, JP <<a href="mailto:jaykris@gmail.com" target="_blank">jaykris@gmail.com</a>> wrote:</div>
<br></div></div><blockquote type="cite"><div><div class="h5"><div dir="ltr"><p class="MsoNormal">Is there any way to specify the full contact header in a UA
profile that the SIP stack will use when formulating messages?
Specifically, have it use "sips" instead of "sip" as
the protocol scheme? </p><div> <br></div><p class="MsoNormal">I'm trying to establish an INVITE dialog between 2
FreeSWITCH servers using a client authenticated TLS handshake.</p><div> <br></div><p class="MsoNormal">To accomplish this, I've created 2 UA profiles on both
servers - one to fulfill the role of the UAC (i.e. tls-uac.xml) and one to
implement the UAS (i.e. tls-uas.xml). Here are the relevant parameters
from both profiles:</p><div> <br></div><p class="MsoNormal">tls-uac.xml:</p><div> <br></div><p class="MsoNormal"> <param
name="sip-port" value="5081"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls" value="true"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls-only" value="true"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls-sip-port" value="5082"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls-cert-dir" value="$${base_dir}/conf/tls/uac"/></p><div> <br></div><p class="MsoNormal">tls-uas.xml:</p><div> <br></div><p class="MsoNormal"> <param
name="sip-port" value="5081"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls" value="true"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls-only" value="true"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls-sip-port" value="5081"/></p><div> <br></div><p class="MsoNormal"> <param
name="tls-cert-dir" value="$${base_dir}/conf/tls/uas"/></p><div> <br></div><p class="MsoNormal">The problem already starts when "tls-uac" sends a
non-secure SIP URI in the contact header of its initial INVITE request (i.e. <a href="http://sip:mod_sofia@10.191.210.150:5081/" target="_blank">sip:mod_sofia@10.191.210.150:5081</a>).
But the more immediate issue is that "tls-uas" also responds
with a non-secure SIP URI in the contact header of its final response (i.e. <a>sip:14086805675@10.191.210.151:5081;transport=udp</a>).
This causes "tls-uac" to send its ACK to the right port number
(i.e. 5081) but on the wrong transport (i.e. UDP instead of TCP/TLS).</p><div> <br></div><p class="MsoNormal">I've seen in the FS documentation that there are ways to
manipulate the contact header through the dial plan, but I'd really prefer not
to do it this way. Any suggestions?</p><div> <br></div><p class="MsoNormal">Thanks</p><p class="MsoNormal">JP</p></div></div></div>
_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br><a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br><br>Official FreeSWITCH Sites<br><a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br><a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br><br>FreeSWITCH-users mailing list<br><a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>