[Freeswitch-users] Polycom & TLS - help please...

Yehavi Bourvine yehavi.bourvine at gmail.com
Tue Jan 5 00:38:22 PST 2010 

Thanks, I have a partial success which involved two steps:

   - The wiki says to create a root certifcate with *gentls_cert setup *with
   no other parameters; I had to add my domain's data to this command. The new
   certificate has been downloaded to the phone.
   - Replaced the registrar definitions in the phone's config files from IP
   address to the server's name.
   - The above setup worked as-is. To be sure I've added the NAPTR records
   to the DNS after the above two steps worked.
      - BTW, the wiki says that the NAPTR records are not mandatory, thus I
      did not add them at the first place.

I said "partial" because now I have a phenomenon similar (not the same, but
close to) to the one I have with the SNOMs: The TLS link is reseted after a
while and then a new (additional) registration is done. I'll continue search
it per the tips I got on the other topic.

                          Thanks! __Yehavi:

2010/1/4 Brian West <brian at freeswitch.org>

> OK to properly use TLS you have to setup NAPTR and SRV records and the DNS
> domain has to match the cert.  Did you do that?
>
> /b
>
> On Jan 3, 2010, at 9:32 PM, Yehavi Bourvine wrote:
>
> > I've built the slef-signed root certificate and server;s certificate per
> the TLS wiki, and installed the root certificate on the phone (both manually
> and via the config files). I did not enter the "== untrusted ==" instead of
> the cerificate (as the Polycom's wiki suggests) as the pone doesn't allow
> this. It accepted the certificate.
> >
> > I've tried this on 501 (running 3.1.3 which is the last supported version
> on it), and 550 & 650 running 3.2.2.
> >
> >                             Thans, __Yehavi:
>
>
>  _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100105/4b702af1/attachment-0002.html

More information about the FreeSWITCH-users mailing list