In case someone will face the same problem, here is the the correct certificate to add to Kamailio CA list: https://baltimore-cybertrust-root.chain-demos.digicert.com/info/index.html
Thank you!
ср, 11 трав. 2022 р. о 16:55 Володимир Іванець volodyaivanets@gmail.com пише:
Hello all!
According tothe "SBC doesn’t trust SIP proxy certificate" section from https://docs.microsoft.com/en-us/microsoftteams/troubleshoot/phone-system/di... I had to download and add their certificates to the CA list. I did that but Kamailio still fails to verify MS certificate.
Did anyone faced this problem?
Thank you!
вт, 10 трав. 2022 р. о 17:17 Володимир Іванець volodyaivanets@gmail.com пише:
Hello Olle!
Thank you for the hint! I checked my test server where the connection was working before and now I see the same problem. Looks like Microsoft could update certificate on their side. Will try to find appropriate root and intermediate certificates.
Thanks a lot!
чт, 5 трав. 2022 р. о 17:52 Olle E. Johansson oej@edvina.net пише:
tls_dump_cert_info(): tls_connect: server certificate issuer:/C=US/O=Microsoft Corporation/CN=Microsoft RSA TLS CA 01
THis is not sectigo signed - is my guess. It’s the other sides cert that Kamailio can’t verify. You need to add that CA cert to the Kamailio CA store.
/O
On 5 May 2022, at 14:09, Володимир Іванець volodyaivanets@gmail.com wrote:
tls_dump_cert_info(): tls_connect: server certificate issuer:/C=US/O=Microsoft Corporation/CN=Microsoft RSA TLS CA 01
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: