Feature Request: TLS server name indication

On Wed, Jul 2, 2008 at 9:30 AM, Klaus Darilion
<klaus.mailinglists at pernau.at> wrote:
> Hi Benny!
>
> I tested it and it works fine. Also on port 5061. Maybe you tested with
> tls-a.deepsec.pernau.at - this TLS domain was configured to require a
> client certificate, thus the handshake failed?
>

Yes I did use that domain. Great, so it works!

> This leads me to a question: How can I use the server_name extension
> from pjsua-API? Does the server_name have to be filled manually? IMO it
> should be automatically set to the domain of the next hop (except it is
> an IP address).

Yes, the server_name needs to be filled in manually in tls_settings of
each TLS listener. The reason for this is because by default, SIP
transports have no correlation to accounts, so by default SIP
transports can be used by any account (the concept of accounts only
exists in pjsua-lib, while SIP transports are pjsip (core) objects).

With pjsua API, accounts may share the same transport, or they can be
"locked" to a particular transport instance. Only when there is only
one account in the system, or when accounts are locked to their
individual transports, can we use the "server_name". So (I hope) it
makes sense that it requires manually setting the "server_name" field.
And not that it's too hard anyway.

>
> btw: is it intended that pjsip.org is different than www.pjsip.org (no menu)
>

Ah right, it's a misconfiguration. Should be fixed now. Thanks.

Cheers
 benny
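
The rule suggested in the quoted question (take the next hop's domain as server_name unless it is an IP address), as an added example that is not part of the original thread and is not pjsip code. The helper name `sni_from_next_hop` is hypothetical; an application would copy its result into the `server_name` field of the TLS listener's settings.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not a pjsip function): derive the TLS server_name
 * for a next-hop host. Returns 1 and fills `out` with the lower-cased DNS
 * name, or 0 when no SNI should be sent (IP literal, empty, invalid, or
 * too long). RFC 6066 forbids IPv4/IPv6 literals and a trailing dot. */
int sni_from_next_hop(const char *host, char *out, size_t out_len)
{
    char buf[256];
    unsigned char addr[16];          /* large enough for an IPv6 address */
    size_t n, i;

    if (host == NULL || out == NULL || out_len == 0)
        return 0;
    n = strlen(host);

    /* SIP URIs write IPv6 references as "[2001:db8::1]": always an IP. */
    if (n >= 2 && host[0] == '[' && host[n - 1] == ']')
        return 0;

    /* Drop the single trailing dot of an absolute DNS name. */
    if (n > 0 && host[n - 1] == '.')
        n--;
    if (n == 0 || n >= sizeof(buf) || n >= out_len)
        return 0;
    memcpy(buf, host, n);
    buf[n] = '\0';

    /* Reject bare IPv4 and IPv6 literals. */
    if (inet_pton(AF_INET, buf, addr) == 1 ||
        inet_pton(AF_INET6, buf, addr) == 1)
        return 0;

    /* Accept only letters, digits, '-' and '.'; lower-case the name. */
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)buf[i];
        if (!(isalnum(c) || c == '-' || c == '.'))
            return 0;
        buf[i] = (char)tolower(c);
    }
    memcpy(out, buf, n + 1);         /* copy only after full validation */
    return 1;
}
```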
