<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<font face="monospace">Hi Matt,<br>
<br>
I guess the "require_cert" should 0 for both domains, right ?<br>
<br>
Regards,<br>
</font>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
OpenSIPS Bootcamp 5-16 Dec 2022, online
<a class="moz-txt-link-freetext" href="https://www.opensips.org/training/OpenSIPS_eBootcamp_2022/">https://www.opensips.org/training/OpenSIPS_eBootcamp_2022/</a></pre>
<div class="moz-cite-prefix">On 12/23/22 9:55 PM, L S wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAPVhdZ_L0dj4mqFKryrNkFzTUp7mtEo7UqhsryHHqBxPMtbb2A@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="auto"><span style="font-size:16px">Hi,</span><br
style="font-size:12.8px">
<span style="font-size:16px">We are upgrading from 1.11.5 tls to
3.2.9. In 1.11 we had issues with the client certificate so we
had to set the following:</span><span style="font-size:12.8px"></span><br
style="font-size:12.8px">
<br style="font-size:12.8px">
<span style="font-size:16px"># 1.11 parameters</span><br
style="font-size:12.8px">
<span style="font-size:16px">tls_verify_server = 1</span><br
style="font-size:12.8px">
<span style="font-size:16px">tls_verify_client = 0
tls_require_client_certificate = 0</span><span
style="font-size:12.8px"></span><br style="font-size:12.8px">
<br style="font-size:12.8px">
<span style="font-size:16px">TLS works fine for us with those
settings. Now we are trying to migrate them to 3.2.9 and
having issues. Just wanted to confirm</span><br
style="font-size:12.8px">
<span style="font-size:16px">if the following is correct way to
migrate those parameters to 3.2? (Just included those
parameters - the domains are set up correctly)</span><span
style="font-size:12.8px"></span><br style="font-size:12.8px">
<br style="font-size:12.8px">
<span style="font-size:16px">Server domain</span><br
style="font-size:12.8px">
<span style="font-size:16px">modparam("tls_mgm", "verify_cert",
"[dom1]0")</span><br style="font-size:12.8px">
<span style="font-size:16px">modparam("tls_mgm", "require_cert",
"[dom1]0")</span><span style="font-size:12.8px"></span><br
style="font-size:12.8px">
<br style="font-size:12.8px">
<span style="font-size:16px">Client domain</span><br
style="font-size:12.8px">
<span style="font-size:16px">modparam("tls_mgm", "verify_cert",
"[dom2]1")</span><br style="font-size:12.8px">
<span style="font-size:16px">modparam("tls_mgm", "require_cert",
"[dom2]1")</span><span style="font-size:12.8px"></span><br
style="font-size:12.8px">
<br style="font-size:12.8px">
<span style="font-size:16px">Thanks,</span><br
style="font-size:12.8px">
<span style="font-size:16px">Matt</span></div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</body>
</html>