Enforce TLS connection only in Open-sip server in voip

Question

User who has authorized TLS certificate only able to connect to Open-sip server from application (Android and iOS).

What we need to change in config file for only TLS connection to Open-sip server.

score 1 · Answer 1 · answered May 25 '16 at 11:53

You can configure the TLS certificate information in opensips.cfg file

tls_certificate="/usr/local/etc/opensips/tls/glob/glob-cert.pem"
tls_private_key="/usr/local/etc/opensips/tls/glob/glob-privkey.pem"
tls_ca_list="/usr/local/etc/opensips/tls/glob/glob-calist.pem"
## turn on the strictest and strongest authentication possible
tls_verify_client = 1
tls_require_client_certificate = 1
tls_method = TLSv1

tls_verify_client = 1 will ensure the client with authorized certificate configured in tls_ca_list file

score 0 · Accepted Answer · answered Mar 18 '16 at 14:36

0

Can you try uncommenting the line of startTLS from config file and make it true as a value?
It should work!

Also make sure that your Android and iOS clients are configured to accept TLS connections(though most of the time it's default behaviour).

answered Mar 18 '16 at 14:36

D4ttatraya

3,344
1
28
50

Enforce TLS connection only in Open-sip server in voip

2 Answers2