<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<tt>Hi,<br>
<br>
A fresh installation of 2.1 (sources from GIT) produces:<br>
<br>
$ ls -laR /tmp/opensips_test/etc/opensips/tls/<br>
/tmp/opensips_test/etc/opensips/tls/:<br>
total 32<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:29 .<br>
drwx------ 3 bogdan bogdan 4096 iun 25 13:29 ..<br>
-rw-r--r-- 1 bogdan bogdan 2049 iun 25 13:29 ca.conf<br>
-rw-r--r-- 1 bogdan bogdan 1048 iun 25 13:29 README<br>
-rw-r--r-- 1 bogdan bogdan 1127 iun 25 13:29 request.conf<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 rootCA<br>
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 user<br>
-rw-r--r-- 1 bogdan bogdan 591 iun 25 13:29 user.conf<br>
<br>
/tmp/opensips_test/etc/opensips/tls/rootCA:<br>
total 28<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 .<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:29 ..<br>
-rw-r--r-- 1 bogdan bogdan 1338 iun 25 13:29 cacert.pem<br>
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 certs<br>
-rw-r--r-- 1 bogdan bogdan 135 iun 25 13:29 index.txt<br>
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 private<br>
-rw-r--r-- 1 bogdan bogdan 3 iun 25 13:30 serial<br>
<br>
/tmp/opensips_test/etc/opensips/tls/rootCA/certs:<br>
total 12<br>
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 .<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 ..<br>
-rw-r--r-- 1 bogdan bogdan 3023 iun 25 13:30 01.pem<br>
<br>
/tmp/opensips_test/etc/opensips/tls/rootCA/private:<br>
total 12<br>
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 .<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 ..<br>
-rw-r--r-- 1 bogdan bogdan 1834 iun 25 13:30 cakey.pem<br>
<br>
/tmp/opensips_test/etc/opensips/tls/user:<br>
total 24<br>
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 .<br>
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:29 ..<br>
-rw-r--r-- 1 bogdan bogdan 1338 iun 25 13:30 user-calist.pem<br>
-rw-r--r-- 1 bogdan bogdan 3023 iun 25 13:30 user-cert.pem<br>
-rw-r--r-- 1 bogdan bogdan 530 iun 25 13:30 user-cert_req.pem<br>
-rw-r--r-- 1 bogdan bogdan 526 iun 25 13:30 user-privkey.pem<br>
<br>
<br>
All the TLS files seems to be in place. For 2.1 there is no
specific switch for TLS, it is by default present, there is not
need for extra options or env variables. Just to "make install"<br>
<br>
Regards,<br>
</tt>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
<div class="moz-cite-prefix">On 25.06.2015 03:03, Nabeel wrote:<br>
</div>
<blockquote
cite="mid:CA+vx6KJJnomj01aeUJv4hi0q_OOq7unJai-JZDJPutK9SLWQDw@mail.gmail.com"
type="cite">
<div dir="ltr">I just installed version 1.11.5 of OpenSIPS and
this version does have all the TLS files included. I should
have downloaded this version all along because version 2.1
clearly needs to be fixed.</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 25 June 2015 at 00:36, Nabeel <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:nabeelshikder@gmail.com" target="_blank">nabeelshikder@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Where are the 'example' openssl certificates
as mentioned in the link above? In the source files
folder, there is no /etc/tls folder, and there are no
example certificates in the [source]/examples folder
either.</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On 25 June 2015 at 00:26,
Nabeel <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:nabeelshikder@gmail.com"
target="_blank">nabeelshikder@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I tried installing OpenSIPS two
more times, once through the menuconfig
interface with TLS enabled, and another time
with "TLS=1 make install" command. Both times,
the /etc/opensips/tls directory only has empty
directories, with no files inside. The
following directories are created with no files
inside:
<div><br>
</div>
<div>[installdirectory]/etc/opensips/tls<br>
</div>
<div>[installdirectory]/etc/opensips/tls/rootCA<br>
</div>
<div>[installdirectory]/etc/opensips/tls/user<br>
</div>
<div>[installdirectory]/etc/opensips/tls/rootCA/certs<br>
</div>
<div>[installdirectory]/etc/opensips/tls/rootCA/private<br>
</div>
<div><br>
</div>
<div>All these directories are empty? Is this
normal?</div>
<div><br>
</div>
<div>At the following link I see someone refer
to an OpenSIPS source which has tls included "<span
style="color:rgb(51,51,51);font-family:Consolas,'Liberation
Mono',Menlo,Courier,monospace;font-size:13.6000003814697px;line-height:1.45;background-color:rgb(247,247,247)">opensips-1.9.1-tls".</span> Is
this a specific source tarball with TLS
enabled? Is there one for version 2.1?</div>
<div><br>
</div>
<div><a moz-do-not-send="true"
href="https://github.com/antonraharja/book-opensips-101/blob/master/content/3.2.%20SIP%20TLS%20Secure%20Calling.mediawiki"
target="_blank">https://github.com/antonraharja/book-opensips-101/blob/master/content/3.2.%20SIP%20TLS%20Secure%20Calling.mediawiki</a><br>
</div>
<div>
<div>
<div><br>
</div>
<div><br>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 24 June 2015
at 15:30, Bogdan-Andrei Iancu <span
dir="ltr"><<a
moz-do-not-send="true"
href="mailto:bogdan@opensips.org"
target="_blank">bogdan@opensips.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<tt>Hi,<br>
<br>
What OpenSIPS version do you have
? also, note that you need also to
install OpenSIPS with the TLS
option on, otherwise the tls
directory will not be created.<br>
<br>
Regards,<br>
</tt>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a moz-do-not-send="true" href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.com</a></pre>
<div>
<div>
<div>On 24.06.2015 17:14, Nabeel
wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div>
<p dir="ltr"># opensipsctl tls
rootCA<br>
ERROR: root CA config file
(/usr/local//etc/opensips//tls/ca.conf)
does not exist</p>
<p dir="ltr">In fact, that
whole tls directory is
empty, even though my
OpenSIPS instance has been
compiled with tls support.
Where can I download the CA
files? </p>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a moz-do-not-send="true" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>