[OpenSER-Users] Probs With TLS Certificate

Ali Jawad ali.jawad at splendor.net
Fri Feb 22 16:12:05 CET 2008


Dear Klaus

Thank you for your prompt reply, I cant find a place to import certs in
X-lite..I will need to investigate this more. Is there any possible way
to encrypt communication between the server and the client without any
action on the client side.


-----Original Message-----
From: Klaus Darilion [mailto:klaus.mailinglists at pernau.at] 
Sent: Friday, February 22, 2008 4:55 PM
To: Ali Jawad
Cc: users at lists.openser.org
Subject: Re: [OpenSER-Users] Probs With TLS Certificate



Ali Jawad wrote:
> ERROR:core:tls_print_errstack: error:14094418:SSL 
> routines:SSL3_READ_BYTES:tlsv1 alert unknown ca




The server presents a certificate and the client will verify the 
certificate. Verification is done by the client by inspecting if the CA 
which signed the servers certificate is one of the local trusted (well 
known) CAs. (certificate authority)

Thus, you have to import the CA certificate into your SIP client.

regards
klaus

(read some SSL tutorials to understand how it works)

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.





More information about the Users mailing list