| Scroll export button | ||||||||
|---|---|---|---|---|---|---|---|---|
|
| Info |
|---|
This document explains how to set up interconnection with operator Bayern Created: October 2022 Permalink: https://wildix.atlassian.net/wiki/x/AQD7Aw |
| Table of Contents |
|---|
Introduction
...
Upload the following CA certificates to the PBX, to the /etc/ssl/certs:
Execute the below CLI command to add these certificates to the system:
Code Block update-ca-certificates
From the operator, get the certificate file (e.g. ssl_somethingsometext.bayern.de.p12) and upload it to the PBX
On the PBX, make .key and .pem files from the .p12:
Code Block openssl pkcs12 -in ./ssl_something.bayern.de.p12 -out /etc/kamailio/ssl/ssl_something.bayern.de.key -nocerts -nodes openssl pkcs12 -in ./ssl_something.bayern.de.p12 -out /etc/kamailio/ssl/ssl_something.bayern.de.pem -clcerts -nokeys
Copy the current tls config file for SIP proxy:
Code Block cp /etc/kamailio/tls.cfg /etc/kamailio/tls_custom.cfg
- At the end of the file /etc/kamailio/tls_custom.cfg add the following block:
[client:any]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
ca_path = /etc/ssl/certs
server_name = esbc1.bybn.de
private_key = /etc/kamailio/ssl/ssl_somethingsometext.bayern.de.key
certificate = /etc/kamailio/ssl/ssl_somethingsometext.bayern.de.pem[server:10.48.130.165:5061]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
ca_path = /etc/ssl/certs
private_key = /etc/kamailio/ssl/ssl_somethingsometext.bayern.de.key
certificate = /etc/kamailio/ssl/ssl_somethingsometext.bayern.de.pem
where:
- esbc1.bybn.de = server name, which should be provided to you by the operator
- 10.48.130.165 = an IP address of your interface for connection to the operator
7. Add the below row to the file /etc/kamailio/cfg.d/host_specific_custom.cfg:
modparam("tls", "config", "/etc/kamailio/tls_custom.cfg")
8. Restart the SIP proxy service:
...