< Previous by Date | Date Index | Next by Date > |
< Previous in Thread | Thread Index | Next in Thread > |
Some notes: 1.
The code snippet you show below does not pass the cert path
that you mentioned. 2.
The Root cert must be named correctly – please see the
following link for more info: http://www.resiprocate.org/Certificates Scott From:
resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxxx
[mailto:resiprocate-devel-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf Of kapatralla
ahmed Hi folks.. I am using a Resiprocate Client in which TLS is being used
as transport...I am trying to register the same with a OpenSER server. On the server side, 1. I configured the openser.cfg (tls_verify_client =
0 & tls_request_certificate = 0) and openserctl. ( *
I am not providing the whole cfg file as I dont have with me as of now...but
its configured properly :-) ) 2. I created a RootCA using # openserctl tls rootCA at
OpenSER 3. and then use certs using # openserctl tls usercert user
at OpenSER On the Client side, 3. Then I copied the exact OpenSER cacert.pem from server to
the client machine into the path resiprocate/resip/certs which has been given
as my certs path using security object passed to the stack constructor.
Security* security = new Security; 4. Now I tried running my client which gave me the following
errors: ---------------------------------------------------------------------------------------------------------------------------------------- Error when verifying server's chain of certificates:
self signed certificate in certificate chain, depth=1
/CN=OpenSER/ST=SIP/C=IP/emailAddres ---------------------------------------------------------------------------------------------------------------------------------------- I have few questions here: 1. If just adding the cacert.pem to the client is not
enough, thn what else should I do to add the same to the trusted root CA store
of the client in resiprocate?? On OpenSER, I can do the same by appending the cacert.pem
into the ca_list.pem 2. How to solve this OpenSER certificate verification
problem at resiprocate Client side. 3. Do I need to do in addition to addin the cacert.pem at
the Client. I used Repro server ..still the same problem persists... Can someone tell me the seuqential procedures to make
resiprocate Client connect on TLS with OpenSER server and how to
solve the above said problem.. I will be very much obliged at your kind and earliest
response. Best regards, Irshad. |