diff options
author | oej <oej@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-01-22 09:46:28 +0000 |
---|---|---|
committer | oej <oej@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-01-22 09:46:28 +0000 |
commit | e71421ff23d6e5abf51eaa4d7f476b858a098a1c (patch) | |
tree | 2181c997746ef24513fe5c6f84e9c969e77ebb54 | |
parent | 21363e1a63276b5b8892026c0d7e06723adefa00 (diff) |
Small fixes
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@99482 f38db490-d61c-443f-a65b-d21fe96a405b
-rw-r--r-- | doc/siptls.txt | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/doc/siptls.txt b/doc/siptls.txt index 3a54bf095..482939aa1 100644 --- a/doc/siptls.txt +++ b/doc/siptls.txt @@ -4,17 +4,17 @@ Asterisk SIP/TLS Transport When using TLS the client will typically check the validity of the certificate chain. So that means you either need a certificate that is signed by one of the larger CAs, or if you use a self signed certificate -you must install a copy of your CA on the client. +you must install a copy of your CA certificate on the client. So far this code has been test with: -Asterisk as client and server (TLS and TCP) -Polycom Soundpoint IP Phones (TLS and TCP) +- Asterisk as client and server (TLS and TCP) +- Polycom Soundpoint IP Phones (TLS and TCP) Polycom phones require that the host (ip or hostname) that is configured match the 'common name' in the certificate -Minisip Softphone (TLS and TCP) -Cisco IOS Gateways (TCP only) -SNOM 360 (TLS only) -Zoiper Biz Softphone (TLS and TCP) +- Minisip Softphone (TLS and TCP) +- Cisco IOS Gateways (TCP only) +- SNOM 360 (TLS only) +- Zoiper Biz Softphone (TLS and TCP) sip.conf options @@ -26,7 +26,7 @@ tlsbindaddr=<ip address> Specify IP address to bind TLS server to, default is 0.0.0.0 tlscertfile=</path/to/certificate> - The server's certificate file. Should include the key and + The server's certificate file. Should include the key and certificate. This is mandatory if your going to run a TLS server. tlscafile=</path/to/certificate> @@ -56,6 +56,7 @@ Here are the relevant bits of config for setting up TLS between 2 asterisk servers. With server_a registering to server_b On server_a: + [general] tlsenable=yes tlscertfgile=/etc/asterisk/asterisk.pem |