Re: [SR-Users] Sha2 self-signed certs config in Kamilio

Hello Daniel, Thanks for the reply. Regards, Kiran From: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Sent: 24 April 2018 23:39 To: Kamailio (SER) - Users Mailing List &lt;sr-users(a)lists.kamailio.org&gt;rg>; Kiran Gaddam &lt;Kiran.Gaddam(a)MoviusCorp.com&gt; Cc: Jignesh Gandhi &lt;Jignesh.Gandhi(a)MoviusCorp.com&gt;om>; Pallav Kumar &lt;Pallav.Kumar(a)MoviusCorp.com&gt; Subject: Re: [SR-Users] Sha2 self-signed certs config in Kamilio Hello, set debug=3 in kamailio.cfg and look at syslog debug messages, you should get more hints about what kamailio is doing. Likely something is not configured properly or the certificates of the clients are singed by a trusted CA by your system (e.g., verisign, letsencrypt, ...). Also, you should not have same private key/public certificate in both client and server. You can become your own certificate authority and sign the certificates you put in the clients -- search the web about being your own CA. Cheers, Daniel On 13.04.18 15:05, Kiran Gaddam wrote: Hello All, I want to enable certificate validation on the server. I am only using self-signed certs. I have the same cert/key in the client and server and want to only allow connection from clients with this cert/key. I have turned on the following in tls.cfg and done all the steps required in kamailio.cfg file. But it's failed to verify certs and allowing the clients which doesn't have same certs. Please help to configure the cert/key in right way. [server:default] method = TLSv1 verify_certificate = yes require_certificate = yes private_key = /usr/local/etc/kamailio/selfsigned.key certificate = /usr/local/etc/kamailio/selfsigned.pem ca_list = /usr/local/etc/sip-router/cacert.pem [client:default] verify_certificate = yes require_certificate = yes In advance Thank you. Thanks, Kiran _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org<mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla www.twitter.com/miconda<http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda<http://www.linkedin.com/in/miconda> Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com<http://www.kamailioworld.com>