Re: [reSIProcate-users] Mismatch certificate in 1.8x
You need to call the static fn: BaseSecurity::setAllowWildcardCertificates(true); from Security.hxx to enable wildcard support.
Scott
On Sun, Sep 23, 2012 at 10:16 PM, Karlsson
<boost.regex@xxxxxxxxx> wrote:
Hi, after I upgraded my softphone from resip 1.6 to 1.8.4, the TLS is not works, seems the new version has stopped accepting wildcard SSL certificates:
This is the log of 1.8.4:
INFO | 20120921-122031.556 | JonoSoftphone| RESIP:TRANSPORT | 1464 | TlsConnection.cxx:587 | TLS sessions set up with TLSv1 TLSv1/SSLv3 AES256-SHA
DEBUG | 20120921-122031.556 | JonoSoftphone| RESIP | 1464 | Security.cxx:2515 | got x509 string type=12 len=28 data="" href="http://voicegw.JonoSoftphone.com" target="_blank">voicegw.JonoSoftphone.com
DEBUG | 20120921-122031.556 | JonoSoftphone| RESIP | 1464 | Security.cxx:2518 | Found common name in cert of *.voicegw.JonoSoftphone.com
ERR | 20120921-122031.556 | JonoSoftphone| RESIP:TRANSPORT | 1464 | TlsConnection.cxx:269 | Certificate name mismatch: trying to connect to <c4.voicegw.JonoSoftphone.com> remote cert domain(s) are <*.voicegw.JonoSoftphone.com>
The log from 1.6:
INFO | 20120921-123314.212 | JonoSoftphone| RESIP:TRANSPORT | 3728 | TlsConnection.cxx:627 | TLS sessions set up with TLSv1 TLSv1/SSLv3 AES256-SHA
DEBUG | 20120921-123314.212 | JonoSoftphone| RESIP | 3728 | Security.cxx:2330 | got x509 string type=12 len=28 data="" href="http://voicegw.JonoSoftphone.com" target="_blank">voicegw.JonoSoftphone.com
DEBUG | 20120921-123314.212 | JonoSoftphone| RESIP | 3728 | Security.cxx:2333 | Found common name in cert of *.voicegw.JonoSoftphone.com
INFO | 20120921-123314.212 | JonoSoftphone| RESIP:TRANSPORT | 3728 | TlsConnection.cxx:315 | TLS handshake done for peer *.voicegw.JonoSoftphone.com
_______________________________________________
resiprocate-users mailing list
resiprocate-users@xxxxxxxxxxxxxxx
List Archive: http://list.resiprocate.org/archive/resiprocate-users/