openser , tls ,and minisip. Please help...

Ferianto siregar ferianto_voip at yahoo.com
Tue Oct 3 03:06:23 CEST 2006 

Dear all


I would like to say thanks to all of you for your time. Thank you.

All, I have built openser server with TLS support. I test it by making a call with minisip.
It works successfully when 2 user make a call without TLS support enabled in minisip configuration.

But, I got the problem when I try to make a call with TLS support enabled.

Here are the tasks that I have done in openser server:
1. I run ./gen_rooCA.sh and running this script, I got rootCA directory. 
This directory contains:
    a.cacert.pem
    b.index
    c.serial
    d.private directory which contains cakey.pem 
    e. cert directory which contain 01.pem

2. I run ./gen_usercert.sh user and running this script,I got user directory. This directory
contains:
    a.user-calist.pem
    b.user-cert.pem
    c.user-privkey.pem
    d.user-cert_req.pem

3. When running minisip (suppported TLS), I done these tasks:
    a.In "Preferences settings", I use TLS port in "enable TLS Local Port" 
      and "Transport Method" is TLS.

My problem are:
In minisip configuration (certificate settings), 

1. In "Personal Settings", what file should I put? I mean, in menu "choose a certificate",
   what should I browse to fill this?
2. In " choosen a private key", what should I browse to fill this?
3. In "CA database", what sholud I browse to fill this?
4. If I need to convert any certificate format (.pem) to the other format, please tell me. How?

Because when I fill "chosee a certificate" with "user-cert.pem", the "choosen a private key" with "user-privkey.pem" 
,and the " CA databese" with "user-cert.pem","cacert.pem","user-calist.pem","user-privkey.pem", I got the error message:
The error message said that the "SSL : connect failed"


Creating GTK GUI
Setting contact db
Thread 2 running - doing initParseConfig
init 3/9: Parsing configuration file ()
WARNING: Could not determine home directory
Config file version checked ok!
SipIdentity::SipIdentity : cretated identity id=1
SipIdentity::setSipUri: sipUsername=<didit> sipDomain=<202.95.149.251>
SipIdentity::setSipProxy: autodetect is false; userUri=didit at 202.95.149.251; tra
nsport = TLS; proxyAddr=202.95.149.251; proxyPort=5060
SipProxy:setProxy(str) : addr = 202.95.149.251
SipIdentity::setProxy: manual sipproxy success ...
SipIdentity::setProxy: else ...
Identities:
        identity=1; username=didit; domain=202.95.149.251 proxy=[proxyString=202
.95.149.251; proxyString=202.95.149.251; port=5060; transport=TLS; autodetect=no
; user=didit; password=didit; expires=1000]; isRegistered=0
init 4/9: Creating IP provider
        Adapter Name:   {DAF8C45E-7B2A-4D08-98AA-5E5091C3464D}
        Adapter Name:   {6FFFD1E7-4BC6-426E-929D-E8292B7FC0DB}
        Adapter Name:   {B926ACA5-8120-42A4-BAD7-AE95AA6708F0}
SimpleIPProvider: localIp =
SimpleIPProvider: preferred network interface = {DAF8C45E-7B2A-4D08-98AA-5E5091C
3464D}
SimpleIPProvider: preferred interface found
Minisip is using IP =  202.95.149.50
init 5/9: Creating MediaHandler
Sound I/O: using Spatial Audio Mixer
Adding audio codec: G.711
init 6/9: Creating MSip SIP stack
init 7/9: Connecting GUI to SIP logic
init 8.2/9: Starting TCP transport worker thread
init 8.3/9: Starting TLS transport worker thread
init 9/9: Registering Identities to registrar server

Registering user didit at 202.95.149.251 to proxy 202.95.149.251, requesting domain
 202.95.149.251

SipMessageTransport: sendMessage: creating new socket
Creating new SSL_CTX
SSL: connect failed
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: creating new socket


What should I do in order I can make a secure call with TLS support? 
Would anybody mind guide me, Please..
I really need this for finishing my college task, Please
 
Thank you very much for help.. I am sorry for waste your time, Thanks.


Regards :)



Ferianto 


 				
---------------------------------
Get your own web address for just $1.99/1st yr. We'll help. Yahoo! Small Business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.minisip.org/pipermail/minisip-users/attachments/20061002/815d42a6/attachment.html

More information about the Minisip-users mailing list