Currently tls module has ca_list
param that
Sets the CA list file name. This file contains a list of all the trusted CAs certificates used when connecting to other SIP implementations. If a signature in a certificate chain belongs to one of the listed CAs, the verification of that certificate will succeed.
This issue proposes adding a new tls param ca_path
. Its value would be a directory that contains any number of CA certificate files thus making it unnecessary to cat these files to a single ca_list
file.
Implementation could be based on SSL_CTX_set_default_verify_dir() OpenSSL API function.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.