[OpenSIPS-Users] Usage of TLS require_cert and verify_cert settings

Adrian Georgescu ag at ag-projects.com
Thu Apr 22 14:15:23 EST 2021


I have a question.

I have the following TLS scenarios:

1) A local user for a domain I own, connects to my server using TLS. If the domain is local, I will authenticate the user against my database and I do not care if the user has a certificate
2) A remote server, connects to my server using TLS and pretends that is domainX.com. In such case, the only way to verify that this is true is by requiring a certificate and verify it

So there is a logic split between when to require and how to verify a certificate depending on the fact that we deal with a local user or a foreign domain.

I would like to know if is possible to set require_cert and verify_cert on the fly, while routing packets, instead of configuring them statically per domain.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20210422/8a36dfe3/attachment.html>

More information about the Users mailing list