diff options
author | bbryant <bbryant@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-02-25 19:00:16 +0000 |
---|---|---|
committer | bbryant <bbryant@f38db490-d61c-443f-a65b-d21fe96a405b> | 2008-02-25 19:00:16 +0000 |
commit | 85bdf7bf13ac63b5ad2ee4eebddb75321c9b1d6e (patch) | |
tree | a42cb7afe068308fd2bf27995a09c3b9a089c6ff /configs | |
parent | 1d8248c084a76878ecc78cbef78536b5a4512f2a (diff) |
Adding more tls configuration details to sip.conf sample, with a list of valid ciphers provided in both files. .. First commit since July, woot
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@104088 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'configs')
-rw-r--r-- | configs/sip.conf.sample | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index 1085be999..df7f1a27d 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -84,6 +84,27 @@ tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0 bind ;tlscertfile=asterisk.pem ; Certificate file (*.pem only) to use for TLS connections ; default is to look for "asterisk.pem" in current directory +;tlscafile=</path/to/certificate> +; If the server your connecting to uses a self signed certificate +; you should have their certificate installed here so the code can +; verify the authenticity of their certificate. + +;tlscadir=</path/to/ca/dir> +; A directory full of CA certificates. The files must be named with +; the CA subject name hash value. +; (see man SSL_CTX_load_verify_locations for more info) + +;tlsdontverifyserver=[yes|no] +; If set to yes, don't verify the servers certificate when acting as +; a client. If you don't have the server's CA certificate you can +; set this and it will connect without requiring tlscafile to be set. +; Default is no. + +;tlscipher=<SSL cipher string> +; A string specifying which SSL ciphers to use or not use +; A list of valid SSL cipher strings can be found at: +; http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS + srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; Note: Asterisk only uses the first host ; in SRV records |