[OpenSIPS-Users] OpenSIPS 1.11.1 w/TLS <=> Mediaproxy 2.6.1 / question about TLS certificates

ag at ag-projects.com ag at ag-projects.com
Sun Jul 6 22:54:17 CEST 2014


MediaProxy certificates are strictly used for securing the communication between the SIP proxy media dispatcher and the media relay. The TLS certificates used by OpenSIPS are meant to be be used in the context of SIP traffic. For all practical reasons these are completely different certificates, especially the one used by OpenSIPS must be issued by a known certificate authority trusted by the SIP clients. The TLS certificate used by MediaProxy does not need to be signed by any particular CA.

Regards,
Adrian
 
On 05 Jul 2014, at 18:40, Gary Patton <gpatton.public at outlook.com> wrote:

> Hello again everyone!
> 
> I want to experiment with integrating OpenSIPS 1.11.1 w/TLS support and Mediaproxy 2.6.1 for NAT transversal.  The Mediaproxy installation docs say that I need to create and add TLS certificates.  But wouldn't Mediaproxy use the OpenSIPS ssl certificates created when installing OpenSIPS to communicate with OpenSIPS.   I noticed that the Mediaproxy needs tls certificates to end in *.pem just like OpenSIPS tls certificates end in *.pem.  Because they will be in the same security realm, all I need to do is copy the tls certificates I created when installing OpenSIPS w/TLS support to the proper directories in the MediaProxy dispatcher and relay, right? 
> 
> Or does MediaProxy need it's own tls certificates to communicate w/OpenSIPS?
> 
> Thanks.
> 
> Regards
> 
> Gary
> 
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140706/1b8a1e8e/attachment.htm>


More information about the Users mailing list