tls: small updates to tls config

(cherry picked from commit a0b6b3a)
kamailio · Feb 22, 2018 · 64e6301 · 64e6301
1 parent 894b1ab
commit 64e6301
Showing 1 changed file with 12 additions and 11 deletions.
diff --git a/src/modules/tls/tls.cfg b/src/modules/tls/tls.cfg
@@ -17,8 +17,8 @@ verify_certificate = no
 require_certificate = no
 private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key
 certificate = /usr/local/etc/kamailio/kamailio-selfsigned.pem
-#ca_list = ./modules/tls/cacert.pem
-#crl = ./modules/tls/crl.pem
+#ca_list = /usr/local/etc/kamailio/tls/cacert.pem
+#crl = /usr/local/etc/kamailio/tls/crl.pem
 
 # This is the default client domain, settings
 # in this domain will be used for all outgoing
@@ -27,6 +27,7 @@ certificate = /usr/local/etc/kamailio/kamailio-selfsigned.pem
 # We require that servers present valid certificate.
 #
 [client:default]
+#method = TLSv1
 verify_certificate = yes
 require_certificate = yes
 
@@ -39,25 +40,25 @@ require_certificate = yes
 # interface.
 #
 #[server:127.0.0.1:5061]
-#method = SSLv23
+#method = TLSv1
 #verify_certificate = yes
 #require_certificate = no
-#private_key = ./modules/tls/local_key.pem
-#certificate = ./modules/tls/local_cert.pem
+#private_key = /usr/local/etc/kamailio/tls/local_key.pem
+#certificate = /usr/local/etc/kamailio/tls/local_cert.pem
 #verify_depth = 3
 #ca_list = local_ca.pem
 #crl = local_crl.pem
 
-# Special settings for the iptel.org public SIP
+# Special settings for the example.sip (1.2.3.4) public SIP
 # server. We do not verify the certificate of the
 # server because it can be expired. The server
 # implements authentication using SSL client
 # certificates so configure the client certificate
 # that was given to use by iptel.org staff here.
 #
-#[client:195.37.77.101:5061]
+#[client:1.2.3.4:5061]
 #verify_certificate = no
-#certificate = ./modules/tls/iptel_client.pem
-#private_key = ./modules/tls/iptel_key.pem
-#ca_list = ./modules/tls/iptel_ca.pem
-#crl = ./modules/tls/iptel_crl.pem
+#certificate = /usr/local/etc/kamailio/tls/example_client.pem
+#private_key = /usr/local/etc/kamailio/tls/example_key.pem
+#ca_list = /usr/local/etc/kamailio/tls/example_ca.pem
+#crl = /usr/local/etc/kamailio/tls/example_crl.pem