If the SIP traffic is routed via port 5060 it is not TLS.
Only if you see TCP traffic on port 5061 TLS is used.
Try use t_relay_to_tcp (or the new t_relay syntax if you use CVS head)
regards
klaus
Joao Pereira wrote:
Hello
I did ngrep and all the traffic is passing through port 5060 from
serverA to serverB.
In witch port should the certification negotiation be done? 5060 or 5061 ?
Thats my configuration of the 2 servers
aaa.aaa.aaa.aaa = IP of openserA
bbb.bbb.bbb.bbb=IP of openserB
openserA-----------------------------------------
port=5060
listen = aaa.aaa.aaa.aaa:5060 alias=aaa.aaa.aaa.aaa
disable_tls = 0
listen = tls:aaa.aaa.aaa.aaa:5061
tls_verify = 1
tls_require_certificate = 1
tls_method = TLSv1
openserB-----------------------------------------
port=5060
listen = bbb.bbb.bbb.bbb:5060
alias=bbb.bbb.bbb.bbb
disable_tls = 0
listen = tls:bbb.bbb.bbb.bbb:5061
tls_verify = 1
tls_require_certificate = 1
tls_method = TLSv1
Thanks
Joao
Klaus Darilion wrote:
ssldump
or
ngrep port 5061
regards
klaus
Joao Pereira wrote:
Hello to all
I have 2 OpenSERs working with TLS.
They both have registered clients (X-Lite).
How can I be sure that they are exchanging the certificates when one
call goes from serverA to serverB ?
Is there any debug where we can see it happening?
Thanks
Joao
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
