[OpenSIPS-Users] Client certificate validation
Fabio Spelta
spelta at gmail.com
Wed Sep 23 13:49:23 CEST 2009
Hello all;
I'm trying to setup opensips so to allow connection only from clients
which present a valid X509 certificate; both
tls_verify_client and tls_require_client_certificate are enabled (set to "1").
Well, no matter which softphone I try (eyebeam, minisip, phoner lite),
the connection fail, and I log this error:
INFO:core:tls_accept: client did not present a certificate
I was starting to wonder if the issue could be a matter of the URI:sip
SubjectAltName values in the client certificate, as proposed in the
RFC 3261; while I realized that since *every* client apparently does
not _even send_ any certificate, it could perhaps be a server side
issue.
I run opensips 1.4.1-tls in debian etch.
Any hint about how to debut this issue would be greatly appreciated.
Thank you so much,
--
Fabio
More information about the Users
mailing list