[SR-Users] Q: about CRL list (TLS)

Daniel-Constantin Mierla miconda at gmail.com
Mon Nov 2 09:02:59 CET 2015 

Hello,

is the client presenting a ssl certificate? Because the server requires
that and it seems the client doesn't sent one.

Cheers,
Daniel

On 26/10/15 15:44, Vladimer Gabunia wrote:
> this error i get back in Kamailio .log
>
>  TLS accept:error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no
> certificate returned
>
> I read on the forum that it can be linphone problem while chacking MS Crl.
> ------------------------------------------------------------------------
> *From:* sr-users [sr-users-bounces at lists.sip-router.org] on behalf of
> Daniel-Constantin Mierla [miconda at gmail.com]
> *Sent:* Monday, October 26, 2015 12:05 PM
> *To:* Kamailio (SER) - Users Mailing List
> *Subject:* Re: [SR-Users] Q: about CRL list (TLS)
>
> Hello,
>
> On 25/10/15 13:10, Vladimer Gabunia wrote:
>> hello all.
>> we compiled  kamailio with TLS Support.  but have next problem when
>> using CRL Lits.
>> Our Certificate issuing scheme is follow:
>> Offline Root CA -> Enterprise SubCA -> Server and Phone Certificate  
>> CRL list is signed by SubCA.
>> option  "require client certificate is enables (1) "
>> When we enable CRL list, phones are not registered.
>> CA file is offline RootCA   certificate in pem format.
>> We think that the reason is that СRL was signed by Subca or incorrect
>> CRL format.
>> CRL is converted from MS CRL to PEM. (What is the format for the CRL)
>> maybe someone have experiance with similar scenarios?
> the readme file of the tls module has some documentation about crl:
>
> http://www.kamailio.org/docs/modules/stable/modules/tls.html#tls.p.crl
>
> You can also try to run with debug=3 in kmailio.cfg and see more debug
> messages about what happens internally.
>
> Cheers,
> Daniel
> -- 
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
> Book: SIP Routing With Kamailio - http://www.asipto.com
> Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat
> ------------------------------------------------------------------------
> gh.ge
> *ვლადიმერ გაბუნია*
> IT სამსახურის უფროსი
> ტელ: (+995) 32 2505222 +8183
> მობ: (995) 577 095333
> შპს "ჯეო ჰოსპიტალს"
> სათავო ოფისი
> თბილისი 0160, ვაჟა-ფშაველას გამზ. № 16;
> http://www.gh.ge <http://gh.ge>

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20151102/d499e0a7/attachment.html>

More information about the sr-users mailing list