[OpenSIPS-Devel] tls_mgm issues
Răzvan Crainea
razvan at opensips.org
Fri Sep 11 09:14:50 CEST 2015
Hi, Ovidiu!
The tls_mgm module should not be in trunk, but only on the tls-rework
branch, which is a temporary one.
As soon as we complete the entire tls rework, we'll merge everything
back in master. Meanwhile, I reverted the changes on master, so not it
should work as expected.
Thanks for reporting this!
Răzvan Crainea
OpenSIPS Solutions
www.opensips-solutions.com
On 09/10/2015 07:21 PM, Ovidiu Sas wrote:
> The documentation for tls_mgm module is not updated:
> - all the modules in modparam examples are set to proto_tls instead of tls_mgm
> - the tls_client_domain_avp should be client_domain_avp
>
> Why the client_domain_avp supports only integer named AVPs?
>
> When I try to load the tls protocol, the server will not start and
> will fail with the following error:
> ERROR:tls_mgm:init_tls_domains: cannot create ssl context for tls[0.0.0.0:0]
>
> Here are the relevant params:
> listen=tls:192.168.2.61:5061
>
> loadmodule "tls_mgm.so"
> modparam("tls_mgm", "server_domain", "1=192.168.2.61:5061")
> modparam("tls_mgm", "certificate",
> "1:/usr/local/etc/opensips/tls/user/user-cert.pem")
> modparam("tls_mgm", "private_key",
> "1:/usr/local/etc/opensips/tls/user/user-privkey.pem")
> modparam("tls_mgm", "ca_list",
> "1:/usr/local/etc/opensips/tls/user/user-calist.pem")
> modparam("tls_mgm", "require_cert", "1:1")
> loadmodule "proto_tls.so"
>
>
> On a side note, if port is missing from the server_domain params, the
> IP is treated as FQDN.
> If the port is mandatory, it should be specified in the documentation.
>
>
> Regards,
> Ovidiu Sas
>
More information about the Devel
mailing list