[SR-Users] ldap SSL

Daniel-Constantin Mierla miconda at gmail.com
Thu Apr 10 09:11:41 CEST 2014 

Hello,

the module in kamailio doesn't have an option for ca list. This should 
be a configuration option for ldap server to know which trusted CA to 
use. The ldap client library should have the option to set the 
certificate and key.

Cheers,
Daniel

On 10/04/14 00:27, Slava Bendersky wrote:
> Hello Everyone,
> Tried look through documentation and couldn't find anything about it ?
> Any suggestions ?
>
>
> Slava.
>
>
> ------------------------------------------------------------------------
> *From: *"Slava Bendersky" <volga629 at networklab.ca>
> *To: *sr-users at lists.sip-router.org
> *Sent: *Monday, April 7, 2014 1:57:53 PM
> *Subject: *[SR-Users] ldap SSL
>
> Hello Everyone,
> How I can specify ldap CA cert in ldap configuration ?
>
> The directive  ca_list  bellow is ignored.
>
>
> [07/Apr/2014:13:40:37 -0400] conn=20 op=-1 fd=70 closed - Peer does 
> not recognize and trust the CA that issued your certificate.
> [07/Apr/2014:13:40:37 -0400] conn=22 op=-1 fd=64 closed - Encountered 
> end of file.
>
>
> Current config
>
> ldap_server_url = "ldaps://ds389.network.com:636"
> ldap_bind_dn = "uid=adm,ou=People,dc=network,dc=com"
> ldap_bind_password = "password"
> authtype = simple
> tls = on
> ca_list = /etc/kamailio/cert/ca-cert_ldap.pem
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140410/3ed59016/attachment.html>

More information about the sr-users mailing list