[SR-Users] TLS certificate chain Android verification

Nord7 nordseven at gmail.com
Mon Jan 28 15:48:11 CET 2013


Hello all.

Our company buy Thawte SSL Web server certificate.

I'm enabled in Kamailio 3.3 TLS support and configured him.

Adding to "myhost.pem" certificate, two "intermediate" certificates (like
in chain) "cat myhost.pem SSL_SecondaryCA.pem SSL_PrimaryCA.pem >
chain-cert.pem".

Remark: I use this chain on apache2.  And Android trusted to this
certificate chain.

After this  i use chain-cert.pem with KAMAILIO 3.3 and SIP client "BRIA
Android". "Bria Android" says certificate is not trusted. Next step "BRIA
IPHONE" and certificate chain works (trusted)!

BRIA support says me - BRIA don't trusts certificate if system don't trusts.

Why Android don't trusts to my chain-certificates with KAMAILIO? If his
trust to same certificate with Apache?

I'm understand this is not Kamailio problem, but maybe any one who have
expirience in this problem help me? I know about bouncycastle, but this is
not best decision for me. Maybe something else can help?


I tryed this with Android 2.3.7, 4.0, 4.1.

Best regards Kirill.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130128/0f2e9191/attachment.htm>


More information about the sr-users mailing list