[OpenSIPS-Users] TLS-issue: client certificate requested
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Wed Apr 15 14:34:28 CEST 2009
Hi Franz,
By disabling tls_verify_client and tls_require_client_certificate any
connection from a client should be accepted without any problem.
usefull is to provide the logs (startup and INVITE processing) in
debug=6 - than we can see exactly what is going one.
Regards,
Bogdan
Franz Edler wrote:
> Hi TLS-experts,
>
> I have just made fresh installation of OpenSIPS 1.5.1 and also tried to
> enable client access vie TLS.
>
> The relevant statements for TLS in my opensips.cfg are:
>
> ...
> disable_tls = no
> listen = tls:sip.technikum-wien.at:5061
> tls_verify_server = 1
> tls_verify_client = 0
> tls_require_client_certificate = 0
> tls_method = TLSv1
> tls_certificate = "/etc/ssl/sipserver.crt"
> tls_private_key = "/etc/ssl/private/privatekey.pem"
> tls_ca_list = "/etc/ssl/calist.pem"
> ...
>
> Despite above statements the core does not accept a TLS connection of a
> client due to the following log-message:
> INFO:core:tls_accept: client did not present a certificate
>
> Please also have a look at the tracefile if required.
>
> Why does OpenSIPS expect the client to present a certificate?
> Maybe someone can help.
>
> Regards
> Franz
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
More information about the Users
mailing list