29 jan 2012 kl. 22:27 skrev Daniel Pocock: > > > On 29/01/12 21:47, Iñaki Baz Castillo wrote: >> 2012/1/29 Daniel Pocock <dan...@pocock.com.au>: >>> It's a little bit different in Apache, where the user specifies a file >>> containing intermediate certs - many of the CAs give instructions for >>> adding that file in Apache, but they make no mention of >>> OpenSSL/Kamailio/concatenating everything, so I imagine people will get >>> stuck on things like this >> >> If your certificate is not signed by a root CA then you will be also >> provided with an intermediary certificate which is signed by a root >> CA, and that intermediary certificate validates yours. >> >> So to use it, you must take your public certificate and the >> intermediate certificate in PEM format and concatenate both, having >> your public certificate at the top of the resulting file. >> > > Yes, that is exactly what I described in my original post - it is > working fine too > > I notice that Asterisk needs to be patched to do it the way Kamailio does: > > https://issues.asterisk.org/jira/browse/ASTERISK-17727
The Asterisk TCP/TLS implementation is marked experimental for a reason. And it's been that way for many years. /O _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
