Configuring SIP over TLS with Kamailio 5.1.6

Download the script from asterisk source ast_tls_cert
$ chmod +x ast_tls_cert
$ ./ast_tls_cert -C pbx.mycompany.com -O "My Super Company" -d /usr/local/etc/kamailio/certificates
$ ./ast_tls_cert -m client -c /usr/local/etc/kamailio/certificates/ca.crt -k /usr/local/etc/kamailio/certificates/ca.key -C phone1.mycompany.com -O "My Super Company" -d /usr/local/etc/kamailio/certificates -o client
$ cp /usr/local/etc/kamailio/certificates/asterisk.pem /usr/local/etc/asterisk/cert.pem
$ cp /usr/local/src/kamailio-5.1.6/src/modules/tls/tls.cfg /usr/local/etc/asterisk/
$ vim /usr/local/etc/asterisk/tls.cfg
 EDIT folowing lines
 private_key = /usr/local/etc/kamailio/certificates/asterisk.key
 certificate = /usr/local/etc/kamailio/certificates/asterisk.crt
 
$ vim /usr/local/etc/asterisk/kamailio.cfg
 ADD Following lines
 
 #!define WITH_TLS
 
 #!ifdef WITH_TLS
 loadmodule "tls.so"
 #!endif
  
 #!ifdef WITH_TLS
 listen=tls:192.168.3.21:5061
 #!endif
 
 #!ifdef WITH_TLS
 enable_tls=yes
 #!endif

 #!ifdef WITH_TLS
 # ----- tls params -----
 modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")
 #!endif
$ systemctl start kamailio.service
Enjoy ;)

No comments:

Post a Comment

How to compile and run a next application ?

Install nodejs Use  this  link for further reading curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.0/install.sh | bash nvm inst...