Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • If TLS support is not included in your installation, get OpenSER 1.2 with TLS. This example uses the source code at
    http://www.openser.org/pub/openser/latest/src/openser-1.2.0-tls_src.tar.gz
  • Carefully observe the installation notes:
    http://www.openser.org/mos/view/-OpenSER-Installation-Notes/
  • Either you enforce to use user accounts or you have 
  • Special care should be taken to install the packages:
    • mysql-server
    • libmysqlclient-dev
    • libssl0.9.8-dev
  • Make sure you build openser including TLS. There are several options, like changing the line in the makefile to the following:
    TLS=1
    and that you include mysql support:
    make all include_modules="mysql"
    make install
    Note
    titleNote: file locations differ

    Note that the compiled version puts openser in different directory compared to the openser package. The config file is in
    /usr/local/etc/openser/openser.cfg
    and the modules are in
    /usr/local/lib/openser/modules
    and the certificate information is in
    /usr/local/etc/openser/tls/user 

  • run mysqldb.sh to create the database
  • add the certificate chain of domainA in PEM format to the CA list file in
    /usr/local/etc/openser/user/user-calist.pem
    You can open the file in a text editor and add the certificate string at the end of the file. 
  • put the private key and public key of the server certificate in
    /usr/local/etc/openser/tls/user/user_privkey.pem and
    /usr/local/etc/openser/tls/user/user_cert.pem
    (you're free to choose file names and locations, these are the config defaults)

...