wiki:TLS

Version 6 (modified by bennylp, 11 years ago) (diff)

--

Configuring PJSIP with TLS

Requirements

The TLS support in PJSIP requires OpenSSL development kit (headers and libs) to be installed. Please see Getting Started page for more info.

Build PJSIP with TLS Support

Add this in config_site.h:

#define PJSIP_HAS_TLS_TRANSPORT 1

And rebuild PJSIP.

Running pjsua as TLS Server

  1. Run pjsua:
    $ ./pjsua --use-tls --tls-ca-file root.pem --tls-cert-file server-cert.pem --tls-privkey-file privkey.pem
    
    

Running pjsua as TLS Client

To make call to SERVER using TLS:

$ ./pjsua --use-tls sip:SERVER;transport=tls

Configuring Other User Agents

EyeBeam

Install CACert certificate of authority:

  1. Run Internet Explorer browser
  2. Open https://www.cacert.org/index.php?id=3
  3. Click the link in the page that says to install certificate with IE

Restart EyeBeam

Notes:

  1. EyeBeam verifies the server name against commonName field of the certificate, so make sure commonName matches the hostname being contacted by EyeBeam