SIP Security in Yate
From Yate Documentation
Yate can bind on UDP, TCP and TLS. Each binding is configured as a listener, which is a dedicated section in ysipchan.conf.
Secure SIP is done by building a TLS listener. Yate will bind on TLS with SRTP.
How to set a TLS listener
In ysipchan.conf:
[listener listener-tls]
type=tls
addr=x.x.x.x
port=5061
sslcontext=server_context
SRTP Cryptographic Contexts
Each SRTP stream requires the sender and receiver to maintain cryptographic state information. This information is called the "cryptographic context".
SRTP uses two types of keys:
- session keys (e.g., for encryption or message authentication)
- master keys - random bit strings (given by the key management protocol)
In openssl.conf:
[server_context]
enable=yes
certificate=name.crt
key=name.key
The files name.crt and name.key have to be in the same place as the configuration file in this example.
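The following check is an added example, not part of the Yate documentation or code base: it cross-checks that every type=tls listener in ysipchan.conf names an sslcontext that openssl.conf defines, enables and gives a certificate and key, and optionally that both files sit in the configuration directory. The function names, the sample input and the accepted spellings of "yes" are assumptions, and a context without an explicit enable=yes is reported.

```python
import configparser
import os

TRUE_VALUES = {"yes", "true", "on", "enable", "t"}  # assumed accepted spellings of "yes"
# Constructed sample input (not from a real deployment).
SAMPLE_YSIPCHAN = """
[listener listener-tls]
type=tls
sslcontext=server_context
[listener listener-tls2]
type=tls
sslcontext=missing_context
[listener plain-udp]
type=udp
"""
SAMPLE_OPENSSL = """
[server_context]
enable=yes
certificate=name.crt
key=name.key
"""

def _parse(text):
    # Both files are INI-style; disable interpolation so '%' stays literal.
    cp = configparser.ConfigParser(interpolation=None, strict=False, allow_no_value=True)
    cp.read_string(text)
    return cp

def _val(cp, section, option):
    return (cp.get(section, option, fallback="") or "").strip()

def check_tls_listeners(ysipchan_text, openssl_text, conf_dir=None):
    """Return a list of problems for every type=tls listener section."""
    sip, ssl, problems = _parse(ysipchan_text), _parse(openssl_text), []
    for section in sip.sections():
        if not section.startswith("listener ") or _val(sip, section, "type").lower() != "tls":
            continue  # only TLS listeners need an SSL context
        ctx = _val(sip, section, "sslcontext")
        if not ctx or not ssl.has_section(ctx):
            problems.append(f"[{section}] sslcontext '{ctx}' not defined in openssl.conf")
            continue
        if _val(ssl, ctx, "enable").lower() not in TRUE_VALUES:
            problems.append(f"[{ctx}] is not enabled")
        for option in ("certificate", "key"):
            name = _val(ssl, ctx, option)
            if not name:
                problems.append(f"[{ctx}] {option} is not set")
            elif conf_dir and not os.path.isfile(os.path.join(conf_dir, name)):
                problems.append(f"[{ctx}] {option} file {name} not found in {conf_dir}")
    return problems
```

Pass the directory that holds the configuration files as conf_dir to also verify that name.crt and name.key are present there.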