SIP Security in Yate

From Yate Documentation
(Difference between revisions)
Jump to: navigation, search
Line 2: Line 2:
 
Yate can bind on UDP, TCP and TLS. This is done using a '''listener''' that it is a specific section in [[SIP Configuration File#Configuration File|ysipchan.conf]].
 
Yate can bind on UDP, TCP and TLS. This is done using a '''listener''' that it is a specific section in [[SIP Configuration File#Configuration File|ysipchan.conf]].
  
SIP secure it is done by building a TLS listener. Yate will bind on TLS with [http://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol SRTP]
+
SIP secure it is done by building a TLS listener. Yate will bind on TLS with [http://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol SRTP].
 +
 
 +
=== How to set a TLS listener ===
 +
 
 +
In ysipchan.conf:
 +
 
 +
[listener listener-tls]
 +
type=tls
 +
addr=x.x.x.x
 +
port=5061
 +
sslcontext=server_context
 +
 
 +
In openssl.conf
 +
 
 +
[server_context]
 +
enable=yes
 +
certificate=name.crt
 +
key=name.key
 +
 
 +
The files name.crt and name.key have to be in the same place as the configuration file in this example.

Revision as of 15:08, 14 November 2012

Yate can bind on UDP, TCP and TLS. This is done using a listener that it is a specific section in ysipchan.conf.

SIP secure it is done by building a TLS listener. Yate will bind on TLS with SRTP.

How to set a TLS listener

In ysipchan.conf:

[listener listener-tls]
type=tls
addr=x.x.x.x
port=5061
sslcontext=server_context

In openssl.conf

[server_context] enable=yes certificate=name.crt key=name.key

The files name.crt and name.key have to be in the same place as the configuration file in this example.

Personal tools
Namespaces

Variants
Actions
Preface
Configuration
Administrators
Developers