[OpenSIPS-Devel] TLS parameter meaning
Vlad Patrascu
vladp at opensips.org
Tue Jul 9 12:20:33 EDT 2019
Hi Dan,
The docs were outdated for these parameters so I've updated the
explanation. You can now check out the proper one.
Regards,
Vlad Patrascu
OpenSIPS Developer
http://www.opensips-solutions.com
On 06/27/2019 03:10 PM, Dan Pascu wrote:
> The documentation on tls_mgm says this about verify_cert and require_cert:
>
> ---------------------
>
> 1.8.10. verify_cert ([domain](string) and require_cert ([domain](string)
>
> Technically, verify_cert activates SSL_VERIFY_PEER in the ssl_context. 'require_cert' does the same with SSL_VERIFY_FAIL_IF_NO_PEER_CERT, which is only possible if SSL_VERIFY_PEER is also turned on. Since version 2.1, these parameters act have been reduced to only one. The domain part represents the name of the TLS domain.
>
> These two parameters are used for incoming TLS connections, where OpenSIPS acts as server.
>
> ---------------------
>
> So what is the meaning of these options for a client domain, given that the documentation explicitly mentions that they are used for incoming connections?
>
> --
> Dan
>
>
>
>
>
> _______________________________________________
> Devel mailing list
> Devel at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
More information about the Devel
mailing list