13 Jun
2013
13 Jun
'13
3:05 a.m.
Hello,
On 6/12/13 3:50 PM, Fabian Borot wrote:
Hi, please help me out with these questions:
Is it possible to configure kamailio to use different certificates, one per peer? Do we
just add them to the same "calist.pem" file?
look at tls.cfg structure, you can define sections for various cases of
acting as client or server.
Is is possible to configure kamailio to accept a certificate from another device? I mean
instead of Kamailio creating the certificate/key and give it to customer/provider. If that
is the case, do we also add it to the "calist.pem" file as well?
If all the above is true, what happens when the certificates have different expiration
dates?
The clients can be required to present a certificate. The certificate
can be generated by anyone, then it is up to your configuration to
require validation inside the library (which will be done base on
trusted CA list) or let it go to config and then use variables to check
various attributes of the certificate.
Cheers,
Daniel
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, San Francisco, USA - June 24-27, 2013
* http://asipto.com/u/katu *