[sr-dev] [kamailio/kamailio] add ca_path param to tls module (#2682)
juha-h
notifications at github.com
Wed Mar 17 19:30:46 CET 2021
Currently tls module has `ca_list` param that
`Sets the CA list file name. This file contains a list of all the trusted CAs certificates used when connecting to other SIP implementations. If a signature in a certificate chain belongs to one of the listed CAs, the verification of that certificate will succeed.`
This issue proposes adding a new tls param `ca_path`. Its value would be a directory that contains any number of CA certificate files thus making it unnecessary to cat these files to a single `ca_list` file.
Implementation could be based on SSL_CTX_set_default_verify_dir() OpenSSL API function.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2682
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20210317/81efd2e2/attachment.htm>
More information about the sr-dev
mailing list