[SR-Users] Kamailio TLS with intermediate CA certificates
Daniel Pocock
daniel at pocock.com.au
Sun Jan 29 22:27:36 CET 2012
On 29/01/12 21:47, Iñaki Baz Castillo wrote:
> 2012/1/29 Daniel Pocock <daniel at pocock.com.au>:
>> It's a little bit different in Apache, where the user specifies a file
>> containing intermediate certs - many of the CAs give instructions for
>> adding that file in Apache, but they make no mention of
>> OpenSSL/Kamailio/concatenating everything, so I imagine people will get
>> stuck on things like this
>
> If your certificate is not signed by a root CA then you will be also
> provided with an intermediary certificate which is signed by a root
> CA, and that intermediary certificate validates yours.
>
> So to use it, you must take your public certificate and the
> intermediate certificate in PEM format and concatenate both, having
> your public certificate at the top of the resulting file.
>
Yes, that is exactly what I described in my original post - it is
working fine too
I notice that Asterisk needs to be patched to do it the way Kamailio does:
https://issues.asterisk.org/jira/browse/ASTERISK-17727
More information about the sr-users
mailing list