Re: [reSIProcate-users] TLS mutual authentication issue

[Scott Godin <sgodin@xxxxxxxxxxxxxxx>]

Looks like you haven't assigned a TLS domain name to the TLS transport:

INFO | 20120716-110044.515 | TestApp | RESIP:TRANSPORT | 17252 | TlsTransport.cxx:59 | Creating TLS transport for domain  interface= port=62321

I'm pretty sure this name will define what certificate is returned when asked for.

Scott

On Mon, Jul 16, 2012 at 12:20 PM, Haugen Keith-CKH040 <Keith.Haugen@xxxxxxxxxxxxxxxxxxxxx> wrote:

I attached a wireshark capture and the relevant portion (up to the certificate validation failure response) of the failure.

 

From: slgodin@xxxxxxxxx [mailto:slgodin@xxxxxxxxx] On Behalf Of Scott Godin
Sent: Monday, July 16, 2012 10:26 AM
To: Haugen Keith-CKH040
Cc: resiprocate-users@xxxxxxxxxxxxxxx
Subject: Re: [reSIProcate-users] TLS mutual authentication issue

 

resiprocate should provide the certificate if it is requested.   What do you mean that it only sends a key and not a certificate?  It could be an issue with loading your certificates, or setting the domain on your TLS transport.    A wireshark trace and a DEBUG level resiprocate log would help narrow down what is happening.

 

Also - some certificate info is on wiki:  http://www.resiprocate.org/Certificates

 

Scott

On Sun, Jul 15, 2012 at 6:06 PM, Haugen Keith-CKH040 <Keith.Haugen@xxxxxxxxxxxxxxxxxxxxx> wrote:

I am having an issue where when my PBX sends a certificate request (after the client and server hello), my client using the resiprocate stack does not send back a certificate in its response (it only sends a key).  I am not sure where the issue lies (configuration, use of the stack, etc…), or where to look, and I am hoping can help me figure out what I am doing wrong.  Thanks!

_______________________________________________
resiprocate-users mailing list
resiprocate-users@xxxxxxxxxxxxxxx
List Archive: http://list.resiprocate.org/archive/resiprocate-users/