Hi all, I would like to use kamailio 3.1 with TLS and verified also a client certificate.
My tls.cfg file is as follow: --- tls.cfg ---- ..... ..... [server:MY_IP:5061] method = TLSv1 verify_certificate = yes require_certificate = yes private_key = default_key.pem certificate = default_cert.pem ca_list = default_ca.pem [client:default] verify_certificate = no require_certificate = no .... .... So I want to verify the client certificate, to do that I use "is_peer_verified()" function in kamailio.cfg. As tls.cfg shows, I have to send to my clients the CA certificate and the client certificate (default_cert.pem + default_key.pem - signing by the CAcert). This client certificate is unique for all clients. Everything works fine. But suppose I wanted to create a client certificate for client 1 (cert_1.crt), and a different client certificate for client 2 (cert_2.crt) and I want to configure kamailio to be able to verified this different certificates. Does it possible ? How can I configure the tls.cfg file to do that ? I try to do something like this: [server:MY_IP:5061] method = TLSv1 verify_certificate = yes require_certificate = yes private_key = default_key_1.pem certificate = default_cert_1.pem private_key = default_key_2.pem certificate = default_cert_2.pem ca_list = default_ca.pem But when kamailio restart it seems that it read only the last couple of row certifcate/private_key. Regards, Daniel G _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
