Hi, all,
i have been trying to test TLS support on
OpenSER with EyeBeam client, but in no vain.
OpenSER keep complaining that
"client did not present a certificate".
really need help! thanks in
advance.
here is some info of my environment:
1)
OpenSER 1.2 and EyeBeam 1.5
2) run "openserctl tls rootCA", create
"cacert.pem" under /etc/openser/tls/rootCA/.
3) run "openserctl tls
userCERT", create "user-calist.pem user-cert.pem
user-cert_req.pem user-privkey.pem" under /etc/openser/tls/user/.
4) i
have set openser.cfg as follow:
disable_tls =
0
listen = tls:172.22.14.61:5061
tls_verify_client = 0
tls_require_client_certificate =
0
tls_method = TLSv1
tls_certificate
= /etc/openser/tls/user/user-cert.pem"
tls_private_key =
"/etc/openser/tls/user/user-privkey.pem"
tls_ca_list =
"/etc/openser/tls/user/user-calist.pem"
5) copy
"/etc/openser/tls/rootCA/cacert.pem" created at step 2) to EyeBeam clinet
machine, which was a Windows XP machine, run "certmrg.msc" there, import
this certificate to WindowXP "root certificate store".
when run ... error occur. OpenSER
complaint that "client did not present a certificate", and EyeBeam receive a
"503 certificate name mismath".
Any advise will be very appreciate
!!
yan lin
2007-3-26