Yate Community Forum

Yate server => Other Yate server issues => Topic started by: abma on April 11, 2016, 08:02:43 AM

Title: how to configure yate for tls client auth with a certificate to a sip trunk?
Post by: abma on April 11, 2016, 08:02:43 AM

i'm trying to configure an encrypted connection to a sip trunk in yate. the isp followed the standard "Sip Connect 1.1" and requires the sip client (=yate) to connect via a signed client certificate. Its also required that the client sends the certificate chain when connecting.

this connection works:

openssl s_client  -connect <ip>:5061 -CAfile server.pem -cert server.pem -key server.key -debug


does yate support this at all? i couldn't find openssl config parameters for  client connections to a sip trunk.

i'm still getting the same errors as in http://forum.yate.ro/index.php?topic=552.0 (but now i have a valid certificate which works with openssl s_client...)

Title: Re: how to configure yate for tls client auth with a certificate to a sip trunk?
Post by: marian on April 12, 2016, 01:09:58 AM

Hi,

For SIP the following options are available in ysipchan.conf:
[general]
ssl_certificate_file=
ssl_key_file=

This will apply for all TLS client connections.
See http://docs.yate.ro/wiki/Ysipchan

Title: Re: how to configure yate for tls client auth with a certificate to a sip trunk?
Post by: abma on April 18, 2016, 08:26:16 AM

thanks, this worked!

i totally missed the config setting in ysipchan.conf. for some reason i thought all ssl/tls related config settings are in openssl.conf.