i had created user certificate during process,which i set in kamailio config file. When i gave same certificate and private key to sipp...then it works..
but i am not sure if this is the right way. Becaue i also for testing created another certificates signed by same rootCA, and when imported those to sipp....they didnt work... i am confused...that am i using TLS the way it should be or not? can anyone suggest some nice docs/tutorials about TLS? pls dont just give me google results.. -- Regards, Hemanshu Patel M: 09601295238 > Hello friendsm, > > I am testing TLS feature of both kamailio and Sipp. > > I first downloaded kamailio 1.5.x TLS supported version, uncommented TLS=1 > from Makefiel and then build the kamailio. > first i test kamailio without TLS with sipp for registration and > everything works file. > > Then i follow "http://www.kamailio.org/docs/tls-devel.html"; and creates > rootCA, user certificates and all configuration parameters to kamailio.cfg > file > > Config paras are as below: > > > /* uncomment the following lines to enable TLS support (default off) */ > disable_tls = no > listen = tls:172.16.16.218:5091 > tls_verify_server = 1 > tls_verify_client = 1 > tls_require_client_certificate = 1 > tls_method = TLSv1 > tls_certificate = > "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-cert.pem" > tls_private_key = > "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-privkey.pem" > tls_ca_list = > "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-calist.pem" > > > and restart kamailio server > > It works and i can see via netstat on port 5091. > > but when i starts sipp it gives me following error. > > [heman...@localhost sipp.3.1]$ ./sipp -sf ./data/rauth.xml -inf > ./data/user.csv -r 1 -m 1 -trace_err -trace_stat -nd -fd 1 -i > 172.16.16.218 172.16.16.218:5091 -t l1 > 2010-02-18 13:51:40:244 1266481300.244432: FI_init_ssl_context: > SSL_CTX_use_certificate_file failed. > > > I know i have built sipp with TLS support, then i can not figure out where > is the problem. > Sipp says user certification file failed ..but client doesnt need any > certification file...or does it? > > i even tried with tls_verify_client = 1 , tls_require_client_certificate > = 1, playing with different combinations...but still same ans. > > > Can anyone suggest me what could be wrong? > Have i made any mistake in configuring kamailio or theres some problem in > SIPP. > > > > > > -- > Regards, > > Hemanshu Patel > > M: 09601295238 > > > _______________________________________________ > Kamailio (OpenSER) - Users mailing list > Users@lists.kamailio.org > http://lists.kamailio.org/cgi-bin/mailman/listinfo/users > http://lists.openser-project.org/cgi-bin/mailman/listinfo/users > _______________________________________________ Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
