[Kamailio-Users] Testing of Kamailio TLS with Sipp TLS

Thu, 18 Feb 2010 00:29:58 -0800 

Hello friendsm,

I am testing TLS feature of both kamailio and Sipp.

I first downloaded kamailio 1.5.x TLS supported version, uncommented TLS=1
from Makefiel and then build the kamailio.
first i test kamailio without TLS with sipp for registration and
everything works file.

Then i follow "http://www.kamailio.org/docs/tls-devel.html"; and creates
rootCA, user certificates and all configuration parameters to kamailio.cfg
file

Config paras are as below:


/* uncomment the following lines to enable TLS support  (default off) */
disable_tls = no
listen = tls:172.16.16.218:5091
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 1
tls_method = TLSv1
tls_certificate =
"/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-cert.pem"
tls_private_key =
"/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-privkey.pem"
tls_ca_list     =
"/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-calist.pem"


and restart kamailio server

It works and i can see via netstat on port 5091.

but when i starts sipp it gives me following error.

[heman...@localhost sipp.3.1]$ ./sipp -sf ./data/rauth.xml -inf
./data/user.csv -r 1 -m 1 -trace_err -trace_stat -nd -fd 1 -i
172.16.16.218 172.16.16.218:5091 -t l1
2010-02-18      13:51:40:244    1266481300.244432: FI_init_ssl_context:
SSL_CTX_use_certificate_file failed.


I know i have built sipp with TLS support, then i can not figure out where
is the problem.
Sipp says user certification file failed ..but client doesnt need any
certification file...or does it?

i even tried with  tls_verify_client = 1 , tls_require_client_certificate
= 1, playing with different combinations...but still same ans.


Can anyone suggest me what could be wrong?
Have i made any mistake in configuring kamailio or theres some problem in
SIPP.





-- 
Regards,

Hemanshu Patel

M: 09601295238


_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users@lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users

Reply via email to