On Thu, Feb 6, 2014 at 3:26 AM, jaflong jaflong <jafl...@yandex.com> wrote:
> > > This is my tls.cfg for server > > [server:default] > method = TLSv1 > verify_certificate = no > require_certificate = no > private_key = /etc/asterisk/certs/proxy.key > certificate = /etc/asterisk/certs/proxy.crt > > > As far as I understand (verify_certificate = no), and (require_certificate > = no) should allow a client connecting > without certicates. > > > Can anyone understand what this debug indicates > > What is causes this error > tls_read_f(): TLS read:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 > alert unknown ca > http://lists.sip-router.org/pipermail/sr-users/2010-September/065259.html The client is rejecting the certificate. In your client, you need to either import the CA or server certificate, or turn of certificate verification. I ran into this error just yesterday and can attest to the solution, which in my case was that I used the wrong certificate in Kamailio. Corey
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
