[asterisk-commits] bbryant: trunk r104088 - in /trunk: configs/sip.conf.sample doc/siptls.txt

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Mon Feb 25 13:00:17 CST 2008 

Author: bbryant
Date: Mon Feb 25 13:00:16 2008
New Revision: 104088

URL: http://svn.digium.com/view/asterisk?view=rev&rev=104088
Log:
Adding more tls configuration details to sip.conf sample, with a list of valid ciphers provided in both files. .. First commit since July, woot

Modified:
    trunk/configs/sip.conf.sample
    trunk/doc/siptls.txt

Modified: trunk/configs/sip.conf.sample
URL: http://svn.digium.com/view/asterisk/trunk/configs/sip.conf.sample?view=diff&rev=104088&r1=104087&r2=104088
==============================================================================
--- trunk/configs/sip.conf.sample (original)
+++ trunk/configs/sip.conf.sample Mon Feb 25 13:00:16 2008
@@ -83,6 +83,27 @@
 
 ;tlscertfile=asterisk.pem	; Certificate file (*.pem only) to use for TLS connections 
 			 	; default is to look for "asterisk.pem" in current directory
+
+;tlscafile=</path/to/certificate>
+;	If the server your connecting to uses a self signed certificate
+;	you should have their certificate installed here so the code can 
+;	verify the authenticity of their certificate.
+
+;tlscadir=</path/to/ca/dir>
+;	A directory full of CA certificates.  The files must be named with 
+;	the CA subject name hash value. 
+;	(see man SSL_CTX_load_verify_locations for more info) 
+
+;tlsdontverifyserver=[yes|no]
+;	If set to yes, don't verify the servers certificate when acting as 
+;	a client.  If you don't have the server's CA certificate you can
+;	set this and it will connect without requiring tlscafile to be set.
+;	Default is no.
+
+;tlscipher=<SSL cipher string>
+;	A string specifying which SSL ciphers to use or not use
+;	A list of valid SSL cipher strings can be found at: 
+;		http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
 
 srvlookup=yes			; Enable DNS SRV lookups on outbound calls
 				; Note: Asterisk only uses the first host 

Modified: trunk/doc/siptls.txt
URL: http://svn.digium.com/view/asterisk/trunk/doc/siptls.txt?view=diff&rev=104088&r1=104087&r2=104088
==============================================================================
--- trunk/doc/siptls.txt (original)
+++ trunk/doc/siptls.txt Mon Feb 25 13:00:16 2008
@@ -47,6 +47,8 @@
 
 tlscipher=<SSL cipher string>
 	A string specifying which SSL ciphers to use or not use
+	A list of valid SSL cipher strings can be found at: 
+		http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
 
 
 Sample config

More information about the asterisk-commits mailing list