pjsip: Clarify certificate configuration for Websocket.

The Websocket transport uses the built-in HTTP server. As a result the TLS configuration is done in http.conf and not in pjsip.conf. This change adds a warning if this is configured in pjsip.conf and also clarifies in the sample configuration file. Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9
2025-09-03 11:25:35 +00:00 · 2018-07-02 20:44:53 -03:00
parent efe2ba43ca
commit de5144e751
3 changed files with 22 additions and 16 deletions
--- a/configs/samples/pjsip.conf.sample
+++ b/configs/samples/pjsip.conf.sample
@@ -862,10 +862,13 @@
 ;==========================TRANSPORT SECTION OPTIONS=========================
 ;[transport]
 ;  SYNOPSIS: SIP Transport
+;
 ;async_operations=1     ; Number of simultaneous Asynchronous Operations
                        ; (default: "1")
 ;bind=  ; IP Address and optional port to bind to for this transport (default:
        ; "")
+; Note that for the Websocket transport the TLS configuration is configured
+; in http.conf and is applied for all HTTPS traffic.
 ;ca_list_file=  ; File containing a list of certificates to read TLS ONLY
                ; (default: "")
 ;ca_list_path=  ; Path to directory containing certificates to read TLS ONLY.
@@ -883,6 +886,13 @@
                ; different, at least OpenSSL 1.0.2 is required.
                ; (default: "")
 ;cipher=        ; Preferred cryptography cipher names TLS ONLY (default: "")
+;method=        ; Method of SSL transport TLS ONLY (default: "")
+;priv_key_file= ; Private key file TLS ONLY (default: "")
+;verify_client= ; Require verification of client certificate TLS ONLY (default:
+                ; "")
+;verify_server= ; Require verification of server certificate TLS ONLY (default:
+                ; "")
+;require_client_cert=   ; Require client certificate TLS ONLY (default: "")
 ;domain=        ; Domain the transport comes from (default: "")
 ;external_media_address=        ; External IP address to use in RTP handling
                                ; (default: "")
@@ -890,17 +900,10 @@
                                ; "")
 ;external_signaling_port=0      ; External port for SIP signalling (default:
                                ; "0")
-;method=        ; Method of SSL transport TLS ONLY (default: "")
 ;local_net=     ; Network to consider local used for NAT purposes (default: "")
 ;password=      ; Password required for transport (default: "")
-;priv_key_file= ; Private key file TLS ONLY (default: "")
 ;protocol=udp   ; Protocol to use for SIP traffic (default: "udp")
-;require_client_cert=   ; Require client certificate TLS ONLY (default: "")
 ;type=  ; Must be of type transport (default: "")
-;verify_client= ; Require verification of client certificate TLS ONLY (default:
-                ; "")
-;verify_server= ; Require verification of server certificate TLS ONLY (default:
-                ; "")
 ;tos=0  ; Enable TOS for the signalling sent over this transport (default: "0")
 ;cos=0  ; Enable COS for the signalling sent over this transport (default: "0")
 ;websocket_write_timeout=100    ; Default write timeout to set on websocket