[Freeswitch-users] TLS on FreeSwitch not Working
R W
wingcomm at hotmail.com
Sun Aug 12 12:44:03 MSD 2012
Mitch,
Thank you! I enabled logging and found my CA cert file misnamed. Re-naming it fixed the problem!
-Rob
> From: mitch.capper at gmail.com
> Date: Thu, 9 Aug 2012 09:33:28 -0700
> To: freeswitch-users at lists.freeswitch.org
> Subject: Re: [Freeswitch-users] TLS on FreeSwitch not Working
>
> Turn on sofia tport logging it will tell you what its unable to setup
> the TLS connection.
>
> ~Mitch
>
> On Wed, Aug 8, 2012 at 10:09 PM, R W <wingcomm at hotmail.com> wrote:
> > Hi All,
> >
> > I cannot seem to get TLS running on the sofia "internal" profile. Any
> > assistance would be appreciated.
> >
> > I'm running FreeSWITCH Version 1.2.0-rc2+git~20120808T025758Z~9ac586adc8
> > (1.2.0-rc2; git at commit 9ac586adc8 on Wed, 08 Aug 2012 02:57:58 Z) on
> > Ubuntu 12.04 LTS.
> >
> > When I set internal_ssl_enable=true, and reload the sofia internal profile,
> > I get the "usual" error:
> >
> > 2012-08-09 00:34:14.174431 [ERR] sofia.c:2289 Error Creating SIP UA for
> > profile: internal
> >
> > <!-- SIP Profile: Internal -->
> > <X-PRE-PROCESS cmd="set" data="internal_auth_calls=true"/>
> > <X-PRE-PROCESS cmd="set" data="internal_sip_port=5060"/>
> > <X-PRE-PROCESS cmd="set" data="internal_tls_port=5061"/>
> > <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=true"/>
> > <X-PRE-PROCESS cmd="set" data="internal_ssl_dir=$${base_dir}/conf/ssl"/>
> >
> > I verified that the OpenSSL development libraries were installed (Ubuntu
> > package libssl-dev) and looked for references to ssl in the output from the
> > compilation process and saw this:
> >
> > "checking for openssl... yes
> >
> > checking openssl_CFLAGS...
> >
> > checking openssl_LIBS... -lssl -lcrypto
> >
> > adding "-DHAVE_OPENSSL" to SWITCH_AM_CFLAGS"
> >
> >
> > ...
> >
> >
> > "checking OpenSSL options with pkg-config... found
> >
> > checking for gdi32... no
> >
> > checking for CRYPTO_lock in -lcrypto... yes
> >
> > checking for SSL_connect in -lssl... yes
> >
> > checking openssl/x509.h usability... yes
> >
> > checking openssl/x509.h presence... yes
> >
> > checking for openssl/x509.h... yes
> >
> > checking openssl/rsa.h usability... yes
> >
> > checking openssl/rsa.h presence... yes
> >
> > checking for openssl/rsa.h... yes
> >
> > checking openssl/crypto.h usability... yes
> >
> > checking openssl/crypto.h presence... yes
> >
> > checking for openssl/crypto.h... yes
> >
> > checking openssl/pem.h usability... yes
> >
> > checking openssl/pem.h presence... yes
> >
> > checking for openssl/pem.h... yes
> >
> > checking openssl/ssl.h usability... yes
> >
> > checking openssl/ssl.h presence... yes
> >
> > checking for openssl/ssl.h... yes
> >
> > checking openssl/err.h usability... yes
> >
> > checking openssl/err.h presence... yes
> >
> > checking for openssl/err.h... yes
> >
> > checking openssl/pkcs12.h usability... yes
> >
> > checking openssl/pkcs12.h presence... yes
> >
> > checking for openssl/pkcs12.h... yes
> >
> > checking for ENGINE_init... yes
> >
> > checking openssl/engine.h usability... yes
> >
> > checking openssl/engine.h presence... yes
> >
> > checking for openssl/engine.h... yes
> >
> > checking for ENGINE_load_builtin_engines... yes
> >
> > checking for RAND_status... yes
> >
> > checking for RAND_screen... no
> >
> > checking for RAND_egd... yes
> >
> > checking for CRYPTO_cleanup_all_ex_data... yes
> >
> > checking for "/dev/urandom"... yes
> >
> > checking CA cert bundle install path...
> > ${prefix}/share/curl/curl-ca-bundle.crt
> >
> > checking for inflateEnd in -lz... yes"
> >
> >
> > Is there anything else I should be checking. Does freeswitch send logs
> > anywhere other than ../freeswitch/log/ ?
> >
> >
> >
> >
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting at freeswitch.org
> > http://www.freeswitchsolutions.com
> >
> >
> >
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://wiki.freeswitch.org
> > http://www.cluecon.com
> >
> > Join Us At ClueCon - Aug 7-9, 2012
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
> >
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> Join Us At ClueCon - Aug 7-9, 2012
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120812/79ab75bb/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list