[reSIProcate] Server to Server over (mutual) TLS transport
Hello,
I am developing a SIP/SIMPLE gateway that talks to a remote SIP/SIMPLE
server for exchange of presence information (SUBSCRIBE/NOTIFY).
I am now trying to set up TLS between the two. Plowed through some of
the initial "certificate" related issues. Now the TLS connection gets
established. My gateway sends a "SUBSCRIBE sips:user" to the remote
server but gets back an error about the scheme being incorrect. This
makes sense since the correct scheme is sip, not sips.
So the gateway sends a "SUBSCRIBE sip:user" but the stack tries to
establish a TCP connection (even though there is an existing TLS
connection to the other side). The problem is that the remote server
requires mutual TLS connections, so this attempt to establish a TCP
connection fails.
My question is: Is there a trick to make the stack send the "SUBSCRIBE
sip:user" over the TLS connection that already exists?
From what I have seen, the stack maps a sip scheme to a TCP connection
and a sips scheme to a TLS connection. Is this by design, or is there
some DNS configuration magic I can do so that the stack uses TLS for the
sip scheme as well?
Please let me know what additional information I can provide. I am a
newbie to SIP so pardon me if the questions are naive.
Thanks in advance.
Sandeep.