[SR-Users] TLS
Moacir Ferreira
moacirferreira at hotmail.com
Mon May 27 22:59:48 CEST 2013
Thanks for the clarifications.
Now, when we ask the client to have a certificate, where do we control what client certificates will be accepted?
I.e.: I don't want any valid certificate to authentcate but only those ones I accept as valid.
Moacir
> Date: Thu, 23 May 2013 10:34:09 +0200
> From: klaus.mailinglists at pernau.at
> To: miconda at gmail.com; sr-users at lists.sip-router.org
> Subject: Re: [SR-Users] TLS
>
>
>
> On 22.05.2013 11:19, Daniel-Constantin Mierla wrote:
> >>>
> >>> - Finally, do you know any free softphone that implements mutual TLS
> >>> authentication?
> >>
> >> I am not aware of any.
> >
> > Like the softphone authenticating the server based on server certificate?
>
> MTLS just means, that the TLS server requires a certificate from the TLS
> client. Thus, between SIP clients and SIP server this merely means that
> not only the client authenticates the proxy, but the proxy also
> authenticates the client based on the client's TLS certificate.
>
> Nice that Jitsi supports it - although I failed to configure Jitsi :-)
> If someone fails configuring TLS for Jitsi, see this howto:
> http://www.resiprocate.org/ReproMutualTLSAuthenticationJitsi#Setting_up_Jitsi
>
> I just found out that my QjSimple [1] also supports client certificates :-)
>
>
> regards
> Klaus
>
> [1] http://www.ipcom.at/en/telephony/qjsimple/
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130527/26837e60/attachment.html>
More information about the sr-users
mailing list