TLS with PJSUA giving issues.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi I have been trying to make transport possible with TLS, and am having
hard time.

I have CA-db, server certs and client certs and keys generated properly.

I have initiated the pjsua application to accept calls from any endpoint
with "--use-tls" option.

Now I have a file called endpoint.c, which is generating sip call, I am able
to get it working without the TLS option and calls are being received at the
pjsua application.
However, when I set
pjsua_transport_create(PJSIP_TRANSPORT_TLS,
                                         &config->transport,
                                         &state->transport_id),

and
copy certs like,

    char cert_file[] = "/home/amar/code/test-data/certs1/client-cert.pem";
    char pvt_key_file[] = "/home/amar/tmp/test-data/certs1/client-key.pem";

    config.transport.tls_setting.cert_file.ptr =
            (char*)malloc(sizeof(cert_file));
    memset(config.transport.tls_setting.cert_file.ptr,0,sizeof(cert_file));

    config.transport.tls_setting.privkey_file.ptr =
            (char*)malloc(sizeof(pvt_key_file));

memset(config.transport.tls_setting.privkey_file.ptr,0,sizeof(pvt_key_file));


    config.transport.tls_setting.cert_file.slen = sizeof(cert_file);
    strcpy(config.transport.tls_setting.cert_file.ptr,cert_file);

    config.transport.tls_setting.privkey_file.slen = sizeof(pvt_key_file);
    strcpy(config.transport.tls_setting.privkey_file.ptr,pvt_key_file);

and then initiate the endpoint very same way, as without tls options, the
endpoint comes out saying,

[amar at aakshat bin]$ ./endpoint -p 5063 -t conf-122 at 192.168.5.18:5061
 17:12:32.399  pjsua_media.c  NAT type detection failed: Invalid STUN server
or server not configured (PJNATH_ESTUNINSERVER)
 17:12:32.399   pjsua_call.c  Unable to generate Contact header: Unsupported
transport (PJSIP_EUNSUPTRANSPORT) [status=171060]
 17:12:32.399   src/common.c  pjsua_call_make_call(): Unsupported transport
(PJSIP_EUNSUPTRANSPORT) [status=171060]


Now I am unable to find out if, the certs are bein read properly, or what is
causing this issue. Can some one explain the proper way to initialize the
certs and make this work ?
Any sample code would be great.

Also, if any of you have a sample way for generating certificates, do let me
know.



-- 


Thank you...

Amar Akshat

Please excuse any spelling mistakes, as this email was sent from a "not so
good" mobile device.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/attachments/20111022/d0f54900/attachment.html>
[Index of Archives]     [Asterisk Users]     [Asterisk App Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [Linux API]
  Powered by Linux