Thanks Daniel<br><br>but I have some problems...<br><br>a) my SIP gateway doesn&#39;t send the certificate when it isn&#39;t demanded...<br><br>b) I was reading about TLS specific config file (tls.cfg), but my requirements doesn&#39;t allow to configure differents TLS ports.<br>
<br>Do you have other idea?<br><br>Best Regards<br><br><br><br><div class="gmail_quote">2012/2/17 Daniel Pocock <span dir="ltr">&lt;<a href="mailto:daniel@pocock.com.au">daniel@pocock.com.au</a>&gt;</span><br><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div class="im"><br>
<br>
On 17/02/12 19:01, Bruno Bresciani wrote:<br>
&gt; Hi All,<br>
&gt;<br>
&gt; Does it possible on tls module require certificates only some hosts?<br>
<br>
</div>Yes, you have at least two options:<br>
<br>
a) just set the require_certificate 0 option - make sure your client<br>
still sends it&#39;s cert even when it is not demanded - and in your<br>
kamailio.cfg, your route logic will need to check whether a certificate<br>
was used by the client<br>
<br>
b) looking in tls.cfg, it appears you can set up different ports with<br>
different TLS policies, so the clients that must send a cert could be<br>
connecting to a port with a stricter configuration<br>
<br>
_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>
<a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote></div><br>