[SR-Users] ssl error
Corey Edwards
tensai at zmonkey.org
Fri Feb 7 00:25:25 CET 2014
On Thu, Feb 6, 2014 at 3:26 AM, jaflong jaflong <jaflong at yandex.com> wrote:
>
>
> This is my tls.cfg for server
>
> [server:default]
> method = TLSv1
> verify_certificate = no
> require_certificate = no
> private_key = /etc/asterisk/certs/proxy.key
> certificate = /etc/asterisk/certs/proxy.crt
>
>
> As far as I understand (verify_certificate = no), and (require_certificate
> = no) should allow a client connecting
> without certicates.
>
>
> Can anyone understand what this debug indicates
>
> What is causes this error
> tls_read_f(): TLS read:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
> alert unknown ca
>
http://lists.sip-router.org/pipermail/sr-users/2010-September/065259.html
The client is rejecting the certificate. In your client, you need to either
import the CA or
server certificate, or turn of certificate verification. I ran into this
error just yesterday and
can attest to the solution, which in my case was that I used the wrong
certificate in
Kamailio.
Corey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140206/afb45c78/attachment.html>
More information about the sr-users
mailing list