[Freeswitch-users] How to debug TLS handshake errors?
Yehavi Bourvine
yehavi.bourvine at gmail.com
Tue Dec 22 11:43:05 PST 2009
My distro is fedora 10 with all the current patches.
SSLwatch fails to build and it seems more than a trivial change to make it
work; however, it seems that the error message from Freeswitch tells it
all...
Is there any special debug statement in Freeswitch to see more about its TLS
negotations?
Thanks, __Yehavi:
2009/12/21 Brian West <brian at freeswitch.org>
> You have to watch it with TLS. Make sure your distro didn't mess up your
> SSL libs due to the recent vulnerability found. I havn't tested with my
> polycom in a few weeks but it was working on my Polycom after I uploaded the
> ca cert and marked it as trusted/used on the phone.
>
> /b
>
> On Dec 20, 2009, at 8:26 AM, Yehavi Bourvine wrote:
>
> > I am trying now to set a Polycom to work with FreeSwitch and TLS. I have
> a Polycom-501 which does not have an internal certificate, thus only one-way
> certificate validation is needed. I've downloaded the root certificate to he
> Polyciom, and Freeswitch gives me the following error:
> >
> > Peer did not provide X.509 Certificate
> > I understand that it tries to do mutual authentication which is not
> possible in this case. How can I tell FreeSwitch to ignore the client's
> certificate?
> >
> > BTW, I am running 1.0.5pre9, and it works ok using TLS with SNOM and
> Yealink.
> >
> > Thanks! __Yehavi:
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20091222/357b25a9/attachment-0002.html
More information about the FreeSWITCH-users
mailing list