[OpenSIPS-Users] Trouble with TLS for encryption of client calls
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Thu Apr 22 18:52:10 CEST 2010
Andy,
more or less it is the same (between a user and server) - nevertheless,
on the client side you need to provide a SSL certificate. What you can
do is to configure OpenSIPS not to check the certificate: see
http://www.opensips.org/html/docs/tutorials/tls-1.4.x.html#AEN293
Regards,
Bogdan
Andy Savage wrote:
> Hi Bogdan,
>
> I have looked through this tutorial but from what I could see it only
> talks about TLS authentication/encryption for other SIP servers (not
> encryption for clients).
>
> Is it possible to have client authentication (for example a SIP
> softphone) using TLS without the client having to install a special
> certificate?
>
> I would like to have this transparent to the users basically so the
> signalling traffic is encrypted.
>
> Kind regards,
> Andy Savage
>
> --
> "The greatest challenge to any thinker is stating the problem in a way
> that will allow a solution"
> - Bertrand Russell
>
> Andy Savage
> Cell Phone: +852 936 34341
> Skype ID: andy_savage
> Linked In: http://www.linkedin.com/in/andysavage
>
>
> On Wed, Apr 21, 2010 at 11:25 PM, Bogdan-Andrei Iancu
> <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>> wrote:
>
> Hi Andy,
>
> Have you when through the TLS tutorial -
> http://www.opensips.org/Resources/DocsTutorials#toc7
>
> Regards,
> Bogdan
>
> Andy Savage wrote:
> > Hi there,
> >
> > I'm having a little bit of trouble understanding how to
> configure TLS
> > support for OpenSIPs. The reason for my confusion is that I'm simply
> > using OpenSIPs as a relay server for SIP traffic between two SIP
> > clients (lets say for now that the clients are running Bria).
> >
> > I am not interested in linking to other SIP servers (or
> > authenticating/encrypting to them) simply to provide encrypted
> > signalling traffic between the clients to ensure their privacy.
> >
> > How would I go about setting the OpenSIPs config file up for
> this sort
> > of scenario? I presume I don't need to generate a user
> certificate for
> > this since I don't have any other sip servers I'm linking to?
> >
> > Kind regards,
> > Andy Savage
> >
> > --
> > "The greatest challenge to any thinker is stating the problem in
> a way
> > that will allow a solution"
> > - Bertrand Russell
> >
> > Andy Savage
> > Cell Phone: +852 936 34341
> > Skype ID: andy_savage
> > Linked In: http://www.linkedin.com/in/andysavage
> >
> ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org <mailto:Users at lists.opensips.org>
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> --
> Bogdan-Andrei Iancu
> www.voice-system.ro <http://www.voice-system.ro>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org <mailto:Users at lists.opensips.org>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
--
Bogdan-Andrei Iancu
www.voice-system.ro
More information about the Users
mailing list