[Users] "client did not present a certificate"(OpenSER 1.2 + EyeBeam 1.5 + TLS) !! need help!!
yanlin
yanlin at fortinet.com
Mon Mar 26 11:23:21 CEST 2007
Hi, all,
i have been trying to test TLS support on OpenSER with EyeBeam client, but in no vain.
OpenSER keep complaining that "client did not present a certificate".
really need help! thanks in advance.
here is some info of my environment:
1) OpenSER 1.2 and EyeBeam 1.5
2) run "openserctl tls rootCA", create "cacert.pem" under /etc/openser/tls/rootCA/.
3) run "openserctl tls userCERT", create "user-calist.pem user-cert.pem user-cert_req.pem user-privkey.pem" under /etc/openser/tls/user/.
4) i have set openser.cfg as follow:
disable_tls = 0
listen = tls:172.22.14.61:5061
tls_verify_client = 0
tls_require_client_certificate = 0
tls_method = TLSv1
tls_certificate = /etc/openser/tls/user/user-cert.pem"
tls_private_key = "/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/etc/openser/tls/user/user-calist.pem"
5) copy "/etc/openser/tls/rootCA/cacert.pem" created at step 2) to EyeBeam clinet machine, which was a Windows XP machine, run "certmrg.msc" there, import this certificate to WindowXP "root certificate store".
when run ... error occur. OpenSER complaint that "client did not present a certificate", and EyeBeam receive a "503 certificate name mismath".
Any advise will be very appreciate !!
yan lin
yanlin at fortinet.com
2007-3-26
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070326/4c181f64/attachment.htm>
More information about the sr-users
mailing list