[Freeswitch-users] Trying to get TLS/SRTP working

Brad Mina brad at tech21.com
Wed Jun 15 07:30:46 MSD 2011 

Line 89 and 90 of your startup log clearly show TLS starting on port 5061 on
your internal profile.

2011-06-14 19:58:19.325605 [DEBUG] sofia.c:3100 tls-port [5061]
>
> 2011-06-14 19:58:19.325610 [DEBUG] sofia.c:3100 tls-version [tlsv1]
>
>
My 'sofia status' returns about the same thing as you:

> freeswitch at internal> sofia status
>
>                      Name   Type                                      Data
>> State
>
>
>> =================================================================================================
>
>                  internal profile         sip:mod_sofia at pbx.ip.add.ress
>> :5060 RUNNING (0)
>
>             internal-ipv6 profile                  sip:mod_sofia@
>> [::1]:5060 RUNNING (0)
>
>                  external profile         sip:mod_sofia at pbx.ip.add.ress
>> :5080 RUNNING (0)
>
>    external::bw-secondary gateway
>> sip:1831xxxxxxx at 216.82.225.202 NOREG
>
>         external::bw-main gateway
>> sip:1831xxxxxxx at 216.82.224.202 NOREG
>
>            pbx.ip.add.ress  alias
>>  internal ALIASED
>
>
>> =================================================================================================
>
> 3 profiles 1 alias
>
>
>
Have you tried configuring a phone for use with TLS? If so what problems are
you having with it?


On Tue, Jun 14, 2011 at 5:07 PM, Rob Hutton <justlikeef at gmail.com> wrote:

> Full startup log:
> http://pastebin.freeswitch.org/16494
>
> Here's the config file:
> http://pastebin.freeswitch.org/16495
>
> FreeSWITCH version: 1.0.head (git-d52a254 2011-06-13 18-27-28 -0400)
>
>
> On Tue, Jun 14, 2011 at 6:55 PM, Mitch Capper <mitch.capper at gmail.com>wrote:
>
>> Are you using latest trunk or what version of freeswitch?  Can you
>> post the rest of the startup log so we can see if it possibly failed
>> later?
>>
>> ~Mitch
>>
>> On Tue, Jun 14, 2011 at 11:01 AM, Rob Hutton <justlikeef at gmail.com>
>> wrote:
>> > Trying to get TLS working.  When sofia loads, I see that it seems to
>> accept
>> > the parameters:
>> >
>> > http://pastebin.freeswitch.org/16487
>> >
>> > But sofia status shows nothing running on the TLS ports:
>> >                      Name
>> > Type                                       Data      State
>> >
>> =================================================================================================
>> >            sipinterface_3       profile
>> > sip:mod_sofia at 192.168.2.25:5080      RUNNING (0)
>> >            sipinterface_2       profile
>> > sip:mod_sofia at 192.168.2.25:5070      RUNNING (0)
>> >              192.168.2.25         alias
>> > sipinterface_1      ALIASED
>> >            sipinterface_1       profile
>> > sip:mod_sofia at 192.168.2.25:5060      RUNNING (0)
>> >               voicemail_1         alias
>> > sipinterface_1      ALIASED
>> >
>> =================================================================================================
>> > 3 profiles 2 aliases
>> >
>> >
>> > /usr/local/freeswitch/conf/ssl looks like:
>> > -rw-r--r-- 1 root root 3627 Jun 14 12:55 agent.pem
>> > -rw-r--r-- 1 root root 1996 Jun 14 13:04 cafile.pem
>> >
>> >
>> > Freeswitch is compiled with SSL support:
>> >
>> > ldd freeswitch
>> >         linux-vdso.so.1 =>  (0x00007fff415ff000)
>> >         libm.so.6 => /lib64/libm.so.6 (0x00007fab636b8000)
>> >         libfreeswitch.so.1 =>
>> /usr/local/freeswitch/lib/libfreeswitch.so.1
>> > (0x00007fab632c1000)
>> >         libuuid.so.1 => /lib64/libuuid.so.1 (0x00007fab630bc000)
>> >         librt.so.1 => /lib64/librt.so.1 (0x00007fab62eb3000)
>> >         libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fab62c78000)
>> >         libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fab62a5b000)
>> >         libssl.so.1.0.0 => /lib64/libssl.so.1.0.0 (0x00007fab627ff000)
>> >         libcrypto.so.1.0.0 => /lib64/libcrypto.so.1.0.0
>> (0x00007fab6244e000)
>> >         libdl.so.2 => /lib64/libdl.so.2 (0x00007fab6224a000)
>> >         libz.so.1 => /lib64/libz.so.1 (0x00007fab62032000)
>> >         libncurses.so.5 => /lib64/libncurses.so.5 (0x00007fab61ddd000)
>> >         libc.so.6 => /lib64/libc.so.6 (0x00007fab61a70000)
>> >         libstdc++.so.6 => /usr/lib64/libstdc++.so.6 (0x00007fab61767000)
>> >         libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007fab61551000)
>> >         libodbc.so.1 => /usr/lib64/libodbc.so.1 (0x00007fab612e5000)
>> >         /lib64/ld-linux-x86-64.so.2 (0x00007fab6390f000)
>> >
>> >
>> > _______________________________________________
>> > FreeSWITCH-users mailing list
>> > FreeSWITCH-users at lists.freeswitch.org
>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> > UNSUBSCRIBE:
>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>> > http://www.freeswitch.org
>> >
>> >
>>
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20110614/e3b534a5/attachment.html

More information about the FreeSWITCH-users mailing list