[sr-dev] [kamailio/kamailio] TLS [client:default] no way to verify_certificate but not require_certificate (#551)
Anthony Messina
notifications at github.com
Fri Apr 1 00:45:13 CEST 2016
I have some Zoiper/Android clients which use TLS, but don't (yet) have the ability to specify the certificate that is used and don't seem to send a certificate when receiving a call. When Kamailio routes a call to one of these devices that register with dynamic addresses, Kamailio (acting as a client) won't be able verify the the device's (acting a a server) certificate. I'd like to set my default client settings to verify the certificate IF it is provided. Something like what is available for ```[server:default]```.
```
[client:default]
verify_certificate = yes
require_certificate = no
```
When testing to see what (if any) certificate Zoiper sends when Zoiper receives a TLS connection, I only get the following.
```
$ openssl s_client -connect 10.1.1.201:43965 -tls1 -showcerts
socket: Bad file descriptor
connect:errno=9
```
---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/551#issuecomment-204161446
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20160331/30156911/attachment.html>
More information about the sr-dev
mailing list