Which example? In the modules/tls directory I saw these:
https://github.com/kamailio/kamailio/blob/master/modules/tls/sip-router-tls.cfg
https://github.com/kamailio/kamailio/blob/master/modules/tls/tls.cfg
and they are very brief. Is there a more complete example somewhere else showing how to verify the client certificate subjectAltName or CN matches the From header of an incoming request?

In the manual:
http://kamailio.org/docs/modules/4.3.x/modules/tls.html#tls.quick_start

• this quick start section is very brief

http://kamailio.org/docs/modules/4.3.x/modules/tls.html#tls.p.tls_method

• tls_method documentation isn't clear. SSLv23_method is actually a very good default and does not actually enable SSL 3.0 or below unless those are explicitly compiled into OpenSSL. This should really be emphasized.

http://kamailio.org/docs/modules/4.3.x/modules/tls.html#tls.p.require_certificate
http://kamailio.org/docs/modules/4.3.x/modules/tls.html#tls.f.is_peer_verfied

• require_certificate and is_peer_verified are explained very briefly. Should is_peer_verified take an argument perhaps, to verify that the peer is verified for a specific URI or domain?

—
Reply to this email directly or view it on GitHub.