You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Goal (short description)

Usage of SIP identity (RFC4474)

Applicability

User Agent A – TLS — > proxy domainA — Identity (TLS) — > proxy domainB — Identity (TLS,UDP,TCP) — > User Agent B

TLS and Identity doesn't work together yet, ther some intermodule conflict

Prerequisites

  • Linux machine
  • SER version 2.1  - Current cvs version
  • Server certificate and private key in PEM fomrat
  • CA list - list of trusted authorities in PEM format
  • web server to allow others to download your certificate

Ser head cvs branch

export CVSROOT=:pserver:anonymous@cvs.berlios.de:/cvsroot/ser
cvs co sip_router

*Compiling of source*

Make everything

make group_include="standard" include_modules="tls auth_identity" all

Install it (and make before)

make group_include="standard" include_modules="tls auth_identity" install

You can adjust compiled modules by group_include, include_modules and exclude_modules parameters.
Print-modules parameter show set of modules that will compiled.

make group_include="standard" include_modules="tls auth_identity" print-modules

It cvs version, if any other non-critical module make problmes, just remove him with exclude_modules="module_name1 module_name2"

Configuration&nbsp

Edit your ser.cfg

Load the module

# ------------------ module loading ----------------------------------
loadmodule "/usr/local/lib/ser/modules/auth_identity.so"

Set the parameters

# ----------------- setting module-specific parameters ---------------
modparam("auth_identity","privatekey_path","/etc/certs/key.pem")
modparam("auth_identity","certificate_path","/etc/certs/cert.pem")
modparam("auth_identity","cainfo_path","/etc/certs/ca_list.pem")
modparam("auth_identity","certificate_url","http://sip.domainA.net/cert.pem")

OS specific help

Validation, confirmation tests

  • No labels