[OpenSIPS-Users] TLS certificate

nir elkayam nir.elkayam at gmail.com
Tue Jan 12 19:36:35 CET 2010


hi,

is there any tutorial about how to habdle the certificate when using TLS?
i'll try to re-explain what i have understand and let me know if i get it
right.

with the opensips comes a root ca key and a sign user key.

the root ca comes from opensips should serve instade of the very-sign or any
other trusted athority.
the user certificate (user by the server) is sign by the root certificate
and thus is not identified by regular softphone (eyebeam) since the root
certificate of opensip is not trusted on my computer.

if in some way i can add trusted certificate to my client, then i will
create root certificate with opensipsctl tls rootCA and i should distribute
the generated certificate to all the client to be installed as trusted
athurity...
quastions here: does the ca.conf inside the tls directory is the
configuration file for the root certificate that i will generate?

next, user certificate.
these can be generate with "opensipsctl tls userCERT" and this sign the
generate certificate with the rootCA generated before?
if i want to use any know authority (e.g. veri-sign) i need to send them the
certificate i generate for them to sign, in this case i'll send them the
generated certificate?
also, does user.conf is the configuration for the generation of user
certificate?
what does the request.conf is for?

thanks for the help in advance,
nir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100112/c759c88a/attachment.htm 


More information about the Users mailing list