All geek questions in one place

Free switch: what is tls_port?

I'm starting to switch freely. I went through the vars.xml configuration file in a free switch.

In this, I saw the following configurations.

<X-PRE-PROCESS cmd="set" data="internal_auth_calls=true"/> <X-PRE-PROCESS cmd="set" data="internal_sip_port=5070"/> <X-PRE-PROCESS cmd="set" data="internal_tls_port=5071"/> <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=false"/> <X-PRE-PROCESS cmd="set" data="internal_ssl_dir=$${base_dir}/conf/ssl"/>

In the question above, I doubt tls_port. What is the use of tls_port. I searched about this on the network and I read that the tls protocol is used to securely transfer data on the network.

So, please explain to me about this in freeswitch.

Thanks in advance.

+4
source share
3 answers

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are two cryptographic protocols that allow you to communicate securely and guarantee data integrity over TCP / IP networks, for example, on the Internet.

TLS e SSL cypher communication end-to-end at the transport level. Other well-known protocols, such as TCP, UDP, provide communication at the same level.

Since TCP uses port 80 with defualt for communication, you must set the port for your TSL protocol in a free switch. This is the value of the tsl_port parameter earlier.

Keep in mind that TLS is disabled by default, set internal_ssl_enable and / or external_ssl_enable to true to enable.

+3
source

If you do not know what TLS is, you simply do not need it in freeswitch. Freeswitch uses TLS to protect SIP, but SIP tends to work without encryption, and it is often easier to debug SIP with tools like wirehark without TLS. Here you can find more information: http://wiki.freeswitch.org/wiki/Tls#TLS.2C_SSL_and_SRTP_Encryption In my opinion, it is better if you do not worry about TLS and Secure RTP, while you just scratch the surface of FreeSWITCH, there are more interesting things to learn first in my opinion. Otherwise, if you are in a production environment with very strict security requirements, you should study not only FreeSWITCH, but also the corresponding RFC !; -)

0
source

I read that Freeswitch has some distribution capabilities, and many mail servers, such as gmail or yahoo, require the sending client to have a TLS connection to them.

0
source

Source: https://habr.com/ru/post/1311486/

More articles:


All Articles