[Freeswitch-users] TLS problem
Peter
eidevm5 at gmail.com
Mon Sep 16 04:44:31 MSD 2013
Note that Linphone uses its own CA list (derived from Mozilla's list).
If you are using a self-signed cert, then you need to add the FS CA cert
into the Linphone rootca.pem file. You'll either need a rooted/jail
broken phone to do this, or compile your own version with your CA cert
appended to rootca.pem
On Mon, Sep 16, 2013 at 3:46 AM, Dror Lupu <drorlupu at gmail.com> wrote:
> I followed the steps in the Wiki: http://wiki.freeswitch.org/wiki/SIP_TLS
> Using the gentls_cert script.
>
> I verified that all .pem files got created.
>
> -----Original Message-----
> From: freeswitch-users-bounces at lists.freeswitch.org
> [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Brian
> West
> Sent: Sunday, September 15, 2013 8:35 PM
> To: FreeSWITCH Users Help
> Subject: Re: [Freeswitch-users] TLS problem
>
> Its probably going to be the cipher suite, how did you generate the
> certificate?
> --
> Brian West
> brian at freeswitch.org
> FreeSWITCH Solutions, LLC
> PO BOX PO BOX 2531
> Brookfield, WI 53008-2531
> Twitter: @FreeSWITCH_Wire , @briankwest
> http://www.freeswitchbook.com
> http://www.freeswitchcookbook.com
>
> T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST
> iNUM: +883 5100 1420 9001
> ISN: 410*543
> Skype:briankwest
> PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED)
>
> On Sep 14, 2013, at 1:35 PM, Dror Lupu <drorlupu at gmail.com> wrote:
>
> > Hi Guys,
> >
> > I've done the steps for TLS setup as shown on the Wiki (using the
> server's
> IP address in CN and ALT), but I can't get TLS to work (UDP/TCP works
> fine).
> > All certificates seem to be in place and generated correctly.
> > I get this error, when using Linphone (I installed the root CA on my
> machine).
> > 1. tport.c:2745 tport_wakeup_pri() tport_wakeup_pri(0xb5062a60):
> > events IN 2. tport.c:869 tport_alloc_secondary()
> > tport_alloc_secondary(0xb5062a60): new secondary tport 0xb67c0410 3.
> > tport_type_tls.c:607 tport_tls_accept() tport_tls_accept(0xb67c0410):
> > new connection from tls/172.16.111.211:61942/sips 4. tport_tls.c:873
> > tls_connect() tls_connect(0xb67c0410): events NEGOTIATING 5.
> > tport_tls.c:873 tls_connect() tls_connect(0xb67c0410): events
> > NEGOTIATING 6. tport_tls.c:962 tls_connect() tls_connect(0xb67c0410):
> > TLS setup failed (error:00000001:lib(0):func(0):reason(1))
> > 7. tport.c:2092 tport_close() tport_close(0xb67c0410):
> tls/172.16.111.211:61942/sips
> > 8.
> > Any ideas?
> >
> > Thanks in advance,
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130916/5aa1eeb6/attachment.html
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users
mailing list