[SR-Users] Kamailio TLS with intermediate CA certificates
Daniel Pocock
daniel at pocock.com.au
Sun Jan 29 14:53:48 CET 2012
>> Construct the PEM file in this exact order:
>>
>> cat server.example.com.pem > chain-server.example.com.pem
>> cat inter2.pem >> chain-server.example.com.pem
>> cat inter1.pem >> chain-server.example.com.pem
>>
>> and then, in tls.cfg:
>>
>> certificate=chain-server.example.com.pem
>>
>
> This applies to almost all OpenSSL based implementations. But it should be documented somewhere.
>
This post will probably end up in Google - so people will find it that
way (including me, when I've forgotten this little detail at some point
in the future)
It's a little bit different in Apache, where the user specifies a file
containing intermediate certs - many of the CAs give instructions for
adding that file in Apache, but they make no mention of
OpenSSL/Kamailio/concatenating everything, so I imagine people will get
stuck on things like this
More information about the sr-users
mailing list