[SR-Users] Require Certificate
Daniel Pocock
daniel at pocock.com.au
Fri Feb 17 19:40:00 CET 2012
On 17/02/12 19:01, Bruno Bresciani wrote:
> Hi All,
>
> Does it possible on tls module require certificates only some hosts?
Yes, you have at least two options:
a) just set the require_certificate 0 option - make sure your client
still sends it's cert even when it is not demanded - and in your
kamailio.cfg, your route logic will need to check whether a certificate
was used by the client
b) looking in tls.cfg, it appears you can set up different ports with
different TLS policies, so the clients that must send a cert could be
connecting to a port with a stricter configuration
More information about the sr-users
mailing list