I want to enable certificate validation on the server. I am only using self-signed certs.
I have the same certificate/key in the client and server and want to only allow connection from clients with this cert/key.
I have turned on the following in tls.cfg and done all the steps required in kamailio.cfg file.
[server:default]
method = TLSv1
verify_certificate = yes
require_certificate = yes
private_key = /usr/local/etc/kamailio/selfsigned.key
certificate = /usr/local/etc/kamailio/selfsigned.pem
ca_list = /usr/local/etc/sip-router/cacert.pem
[client:default] verify_certificate = yes require_certificate = yes
Any help is appreciated.
Thanks, --Jignesh
Hello,
the path provided for ca_list seems wrong compared with the rest of the paths, do you have the two of them, one with kamailio and one with sip-router?
Cheers, Daniel
On 12.04.18 14:33, Jignesh Gandhi wrote:
I want to enable certificate validation on the server. I am only using self-signed certs.
I have the same certificate/key in the client and server and want to only allow connection from clients with this cert/key.
I have turned on the following in tls.cfg and done all the steps required in kamailio.cfg file.
[server:default]
method =TLSv1
verify_certificate =yes
require_certificate =yes
private_key =/usr/local/etc/kamailio/selfsigned.key
certificate =/usr/local/etc/kamailio/selfsigned.pem
ca_list =/usr/local/etc/sip-router/cacert.pem
[client:default]
verify_certificate =yes
require_certificate =yes
Any help is appreciated.
Thanks,
--Jignesh
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Jignesh Gandhi