Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
jami-daemon
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Locked files
Deploy
Releases
Model registry
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
savoirfairelinux
jami-daemon
Commits
c84f06eb
Commit
c84f06eb
authored
12 years ago
by
Alexandre Savard
Browse files
Options
Downloads
Patches
Plain Diff
#9623: update sip.conf for tls test account
parent
983beff3
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
tools/asterisk/sip.conf
+33
-15
33 additions, 15 deletions
tools/asterisk/sip.conf
with
33 additions
and
15 deletions
tools/asterisk/sip.conf
+
33
−
15
View file @
c84f06eb
...
...
@@ -194,8 +194,8 @@ tcpenable=no ; Enable server for incoming TCP connections (de
tcpbindaddr
=
0
.
0
.
0
.
0
;
IP
address
for
TCP
server
to
bind
to
(
0
.
0
.
0
.
0
binds
to
all
interfaces
)
;
Optionally
add
a
port
number
,
192
.
168
.
1
.
1
:
5062
(
default
is
port
5060
)
;
tlsenable
=
no
;
Enable
server
for
incoming
TLS
(
secure
)
connections
(
default
is
no
)
;
tlsbindaddr
=
0
.
0
.
0
.
0
;
IP
address
for
TLS
server
to
bind
to
(
0
.
0
.
0
.
0
)
binds
to
all
interfaces
)
tlsenable
=
yes
;
Enable
server
for
incoming
TLS
(
secure
)
connections
(
default
is
no
)
tlsbindaddr
=
0
.
0
.
0
.
0
:
5061
;
IP
address
for
TLS
server
to
bind
to
(
0
.
0
.
0
.
0
)
binds
to
all
interfaces
)
;
Optionally
add
a
port
number
,
192
.
168
.
1
.
1
:
5063
(
default
is
port
5061
)
;
Remember
that
the
IP
address
must
match
the
common
name
(
hostname
)
in
the
;
certificate
,
so
you
don
'
t
want
to
bind
a
TLS
socket
to
multiple
IP
addresses
.
...
...
@@ -212,7 +212,7 @@ tcpbindaddr=0.0.0.0 ; IP address for TCP server to bind to (0.0.0.0
;
unauthenticated
sessions
that
will
be
allowed
;
to
connect
at
any
given
time
. (
default
:
100
)
srvlookup
=
yes
;
Enable
DNS
SRV
lookups
on
outbound
calls
;
srvlookup
=
yes
;
Enable
DNS
SRV
lookups
on
outbound
calls
;
Note
:
Asterisk
only
uses
the
first
host
;
in
SRV
records
;
Disabling
DNS
SRV
lookups
disables
the
...
...
@@ -447,37 +447,37 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls
;
Set
to
yes
add
Reason
header
and
use
Reason
header
if
it
is
available
.
;
;------------------------
TLS
settings
------------------------------------------------------------
;
tlscertfile
=
</
path
/
to
/
certificate
.
pem
>
;
Certificate
file
(*.
pem
format
only
)
to
use
for
TLS
connections
;
default
is
to
look
for
"asterisk.pem"
in
current
directory
tlscertfile
=
/
etc
/
asterisk
/
keys
/
asterisk
.
pem
;
Certificate
file
(*.
pem
format
only
)
to
use
for
TLS
connections
;
default
is
to
look
for
"asterisk.pem"
in
current
directory
;
tlsprivatekey
=
</
path
/
to
/
private
.
pem
>
;
Private
key
file
(*.
pem
format
only
)
for
TLS
connections
.
;
If
no
tlsprivatekey
is
specified
,
tlscertfile
is
searched
for
;
for
both
public
and
private
key
.
;
tlsprivatekey
=
/
etc
/
asterisk
/
keys
/
asterisk
.
key
;
Private
key
file
(*.
pem
format
only
)
for
TLS
connections
.
;
If
no
tlsprivatekey
is
specified
,
tlscertfile
is
searched
for
;
for
both
public
and
private
key
.
;
tlscafile
=
</
path
/
to
/
certificate
>
;
tlscafile
=
/
etc
/
asterisk
/
keys
/
ca
.
crt
;
If
the
server
your
connecting
to
uses
a
self
signed
certificate
;
you
should
have
their
certificate
installed
here
so
the
code
can
;
verify
the
authenticity
of
their
certificate
.
;
tlscapath
=
</
path
/
to
/
ca
/
dir
>
;
tlscapath
=
/
etc
/
asterisk
/
keys
/
;
A
directory
full
of
CA
certificates
.
The
files
must
be
named
with
;
the
CA
subject
name
hash
value
.
; (
see
man
SSL_CTX_load_verify_locations
for
more
info
)
;
tlsdontverifyserver
=[
yes
|
no
]
;
tlsdontverifyserver
=[
yes
|
no
]
;
If
set
to
yes
,
don
'
t
verify
the
servers
certificate
when
acting
as
;
a
client
.
If
you
don
't have the server'
s
CA
certificate
you
can
;
set
this
and
it
will
connect
without
requiring
tlscafile
to
be
set
.
;
Default
is
no
.
;
tlscipher
=
<
SSL
cipher
string
>
;
tlscipher
=
ALL
;
A
string
specifying
which
SSL
ciphers
to
use
or
not
use
;
A
list
of
valid
SSL
cipher
strings
can
be
found
at
:
;
http
://
www
.
openssl
.
org
/
docs
/
apps
/
ciphers
.
html
#CIPHER_STRINGS
;
;
tlsclientmethod
=
tlsv1
;
values
include
tlsv1
,
sslv3
,
sslv2
.
;
Specify
protocol
for
outbound
client
connections
.
;
If
left
unspecified
,
the
default
is
sslv2
.
;
tlsclientmethod
=
tlsv1
;
values
include
tlsv1
,
sslv3
,
sslv2
.
;
Specify
protocol
for
outbound
client
connections
.
;
If
left
unspecified
,
the
default
is
sslv2
.
;
;---------------------------
SIP
timers
----------------------------------------------------
;
These
timers
are
used
primarily
in
INVITE
transactions
.
...
...
@@ -1358,3 +1358,21 @@ host=dynamic
username
=
300
canreinvite
=
no
allow
=
all
[
400
]
type
=
friend
host
=
dynamic
username
=
400
canreinvite
=
no
allow
=
all
[
testphone1
]
context
=
default
type
=
friend
secret
=
savoirfairelinux
host
=
dynamic
insecure
=
invite
,
port
dtmfmode
=
rfc2833
transport
=
tls
allow
=
all
nat
=
yes
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
