[OpenSIPS-Users] TLS-issue: client certificate requested

Mon Apr 13 21:55:39 CEST 2009

Hi TLS-experts,

I have just made fresh installation of OpenSIPS 1.5.1 and also tried to
enable client access vie TLS.

The relevant statements for TLS in my opensips.cfg are:

   ...
   disable_tls = no                                   
   listen = tls:sip.technikum-wien.at:5061            
   tls_verify_server = 1                              
   tls_verify_client = 0                              
   tls_require_client_certificate = 0                 
   tls_method = TLSv1                                 
   tls_certificate = "/etc/ssl/sipserver.crt"         
   tls_private_key = "/etc/ssl/private/privatekey.pem"
   tls_ca_list = "/etc/ssl/calist.pem"                
   ...

Despite above statements the core does not accept a TLS connection of a
client due to the following log-message:
   INFO:core:tls_accept: client did not present a certificate

Please also have a look at the tracefile if required.

Why does OpenSIPS expect the client to present a certificate?
Maybe someone can help.

Regards
Franz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: trace20.pcap
Type: application/octet-stream
Size: 5037 bytes
Desc: not available
Url : http://lists.opensips.org/pipermail/users/attachments/20090413/1b53e031/attachment.obj 