Have a certificate with the following Subject Alternative Name value:
DNS:www.company.net, DNS:company.com, DNS: company.net
Calling $tls_peer_san_hostname (and the other pv's/select that reference SAN) only returns www.company.net (first entry)
This does not support the spec, which allows multiple entries (RFC 2459, I believe).
Logged values of different SAN-backed selects and pseudovariables, and they only appear to return the first entries.
Create a self-signed certificate with multiple alt names (I used this as a guide: https://support.citrix.com/article/CTX135602/how-to-create-a-selfsigned-san-certificate-using-openssl-on-citrix-adc-appliance)
Updated my Kamailio config to log different TLS pv and selects (e.g. tls_peer_san_hostname, @tls.peer.dns select, but others as well)
Confirm only one value is provided.
[www.company.net] is the only value present in the corresponding variables
Update variables to provide access to SAN entries to return all the values
Create new variable to provide access to all SAN entries
https://www.kamailio.org/wiki/cookbooks/5.1.x/pseudovariables#tls_peer_san_hostname
http://www.kamailio.org/wiki/cookbooks/5.2.x/selects#tlspeerdns