Hi Sergiu, Giacomo, ah, now I understand. Indeed, this looks wrong.
Cheers, Henning -- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.com<https://gilawa.com/> From: sr-users <[email protected]> On Behalf Of Sergiu Pojoga Sent: Monday, March 16, 2020 7:23 PM To: Kamailio (SER) - Users Mailing List <[email protected]> Subject: Re: [SR-Users] tls.options RPC reporting default settings So in your example, tls.cfg certificate path is set to /etc/kamailio/kamailio.pem, while tls.options reports certificate path /etc/kamailio/cert.pem On Mon, Mar 16, 2020 at 1:56 PM Henning Westerholt <[email protected]<mailto:[email protected]>> wrote: Hi Sergiu, I did not posted it because there is not much to see 😉 [server:default] method = TLSv1.2+ verify_certificate = yes require_certificate = yes private_key = /etc/kamailio/kamailio.key certificate = /etc/kamailio/kamailio.pem ca_list = /etc/kamailio/ca_list.pem [client:default] section is identical. Do you use a special distribution? I did the test on Debian. Cheers, Henning -- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.com<https://gilawa.com/> From: sr-users <[email protected]<mailto:[email protected]>> On Behalf Of Sergiu Pojoga Sent: Monday, March 16, 2020 6:48 PM To: Kamailio (SER) - Users Mailing List <[email protected]<mailto:[email protected]>> Subject: Re: [SR-Users] tls.options RPC reporting default settings Hi Henning, It did reboot Kam, lol. You didn't post parts of your custom tls.cfg settings to match with what rpc tls.options reports? Cheers. On Mon, Mar 16, 2020 at 1:34 PM Henning Westerholt <[email protected]<mailto:[email protected]>> wrote: Hi Sergio, strange, for me it looks ok: kamcmd> root@dc-sbc:~# kamcmd |grep kamailio root@dc-sbc:~# kamcmd tls.options |grep kamailio private_key: /etc/kamailio/cert.pem certificate: /etc/kamailio/cert.pem session_id: kamailio-tls-5.x.y config: /etc/kamailio/tls.cfg root@dc-sbc:~# kamcmd core.version kamailio 5.3.2 (x86_64/linux) Probably stupid question, maybe the server needs a restart, if you changed something etc..? Cheers, Henning -- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.com<https://gilawa.com/> From: sr-users <[email protected]<mailto:[email protected]>> On Behalf Of Sergiu Pojoga Sent: Saturday, March 14, 2020 6:49 PM To: Kamailio (SER) - Users Mailing List <[email protected]<mailto:[email protected]>> Subject: [SR-Users] tls.options RPC reporting default settings Hi there, Having custom TLS config in tls.cfg, RPC `tls.options` seems to report default settings. Bug or intended? root@kam:/# kamcmd version kamailio 5.3.2 (x86_64/linux) 0bed10 root@kam:/# kamcmd tls.options { force_run: 0 method: TLSv1 verify_certificate: 0 verify_depth: 9 require_certificate: 0 private_key: /usr/local/etc/kamailio/cert.pem ca_list: certificate: /usr/local/etc/kamailio/cert.pem cipher_list: session_cache: 0 session_id: kamailio-tls-5.x.y config: /usr/local/etc/kamailio/tls.cfg ... } modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") root@kam:/usr/local/etc/kamailio# cat tls.cfg [server:default] method = TLSv1.2+ verify_certificate = yes require_certificate = yes private_key = /tmp/privkey.pem certificate = /tmp/fullchain.pem ca_list = /etc/ssl/certs/ca-certificates.crt [client:default] method = TLSv1.2+ verify_certificate = yes require_certificate = yes private_key = /tmp/privkey.pem certificate = /tmp/fullchain.pem ca_list = /etc/ssl/certs/ca-certificates.crt Cheers.
_______________________________________________ Kamailio (SER) - Users Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
