Hi,
Sorry, but I'm still a bit lost here. What .pem files do I need to import to the Windows XP certificate store? And what was again this cert/key (pk12) that was imported to the client? Did you somehow combine the certificate and the private key or something?
I'm kind of lost with the certificates and keys and stuff. :) It would be nice if someone could write a brief example on the wiki or something about how to get eyeBeam working with OpenSER and TLS.
Regards,
Teemu
On 5/16/06, Christoph Fürstaller christoph.fuerstaller@kurtkrenn.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Klaus,
Hi Christoph!
What is the "cert/key (pk12) for the client"? Is it for TLS client authentication (the proxy requests a certificate from eyebeam)?
I'm very sorry, I'm not using client authentication. On the OpenSER Website there is an error in the TLS Tutorial. The mentioned parameter tls_verify = 1 is wrong. The correct one is tls_verify_client = 1 (as given in the README file in the sources)
After I corrected this I get that error: tls_error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
So my eyeBeam doesn't send a cert. I asked on the counterpath forum and searched the docs, but didn't found something concerning that. So, eyeBeam isn't compatible of that? Anyone knows?
If yes - how does eyebeam know which of the available client certificates it should use?
regards klaus
chris... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFEaZ9ZR0exH8dhr/YRAhTcAKCsGpyYCLluX8MZuWtMeL2PDwwd8QCgoTul QZQCfeY2QK/+n5z36d6BxCM= =+fL3 -----END PGP SIGNATURE-----