[Users] Problem registering the UA with openSER(tls enabled)
Ncheeku Baranov
opensersubscribe at gmail.com
Fri Dec 29 17:23:14 CET 2006
Yes, it worked. It came back saying that the certificate has expired, verify
return code: 10. Probably the certificate has expired and I need to generate
the new certificates..
Thanks a lot....
NCheeku
On 12/29/06, Steffen Witt <witt.steffen at googlemail.com> wrote:
>
> OK, the certificate authority (CA) is missing in your client command:
>
> openssl s_client ... -CAfile name_of_cafile.pem
>
> In my opinion a client should use a different certificate/private key
> pair but signed by the same CA.
>
>
> Best regards,
> Steffen
>
>
> 2006/12/29, Ncheeku Baranov <opensersubscribe at gmail.com>:
> > You are correct, so just for the trial purposes if I want the TLS
> handshake
> > to be successful what credentials for the client should I use? i.e. can
> I do
> > something like:
> >
> > openssl s_client -cert user-cert.pem -key user-privkey.pem -state
> -connect
> > 10.30.00.41:5061
> >
> > on doing this it comes back with an error saying Verify Return Code: 21
> > (Unable to verify the first certificate), Should I be using new
> certificates
> > or with the same set of certificates I can achive a successful
> handshake?
> >
> > Thanks a lot..
> > Ncheeku
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kamailio.org/pipermail/users/attachments/20061229/07dd9046/attachment.htm
More information about the Users
mailing list