Differences

This shows you the differences between two versions of the page.

--- tutorials:tls:testing-and-debugging [2013/05/23 17:34]
klaus3000 [Decoding of TLS Connections with Wireshark]
+++ tutorials:tls:testing-and-debugging [2017/04/28 21:55] (current)
mslehto [Unencrypted TLS (NULL cipher)]
@@ Line 140: / Line 140: @@
 ===== Unencrypted TLS (NULL cipher)  =====
-TLS allows unencrypted useage when using the NULL cipher. This is very useful for debugging TLS connection, as you immediately see the SIP traffic.
+TLS allows unencrypted usage when using the NULL cipher. This is very useful for debugging TLS connection, as you immediately see the SIP traffic.
 The NULL cipher is usually disabled, thus it must be explicitly enabled. In Kamailio this can be done by configuring the TLS module:
@@ Line 157: / Line 157: @@
   * Chrome: Windows certificate store
   * Firefox: Dedicated Firefox certificate store
+  * Asterisk: Configured in sip.conf
 ===== SIP Clients with TLS Client Certificate Support =====
@@ Line 163: / Line 164: @@
   * QjSimple: select private key and certificate file in configuration dialog
   * Jitis: Settings -> Advanced -> TLS
+==== Trunking with Microsoft Lync ====
+For Microsoft Lync it is very important that the CN in the Kamailio server (and client) certificate use the name configured in the Topology as the PSTN trunk. Other names may be in the SubjectAltName fields.
+Lync by default asks for a TLS client certificate when connecting to it using TLS. MS calls this MTLS - Mutual TLS.
+  * Microsoft: TLS and MTLS in Lync http://technet.microsoft.com/en-us/library/gg195752(v=ocs.14).aspx

Kamailio SIP Server Wiki

User Tools

Site Tools

Differences

Page Tools