[OpenSIPS-Users] TLS verify client

Bogdan-Andrei Iancu bogdan at opensips.org
Tue Jan 3 19:07:48 UTC 2023


Hi Matt,

I guess the "require_cert" should 0 for both domains, right ?

Regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   https://www.opensips-solutions.com
OpenSIPS Bootcamp 5-16 Dec 2022, online
   https://www.opensips.org/training/OpenSIPS_eBootcamp_2022/

On 12/23/22 9:55 PM, L S wrote:
> Hi,
> We are upgrading from 1.11.5 tls to 3.2.9. In 1.11 we had issues with 
> the client certificate so we had to set the following:
>
> # 1.11 parameters
> tls_verify_server = 1
> tls_verify_client = 0 tls_require_client_certificate = 0
>
> TLS works fine for us with those settings. Now we are trying to 
> migrate them to 3.2.9 and having issues. Just wanted to confirm
> if the following is correct way to migrate those parameters to 3.2? 
> (Just included those parameters - the domains are set up correctly)
>
> Server domain
> modparam("tls_mgm", "verify_cert", "[dom1]0")
> modparam("tls_mgm", "require_cert", "[dom1]0")
>
> Client domain
> modparam("tls_mgm", "verify_cert", "[dom2]1")
> modparam("tls_mgm", "require_cert", "[dom2]1")
>
> Thanks,
> Matt
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20230103/eeda2737/attachment.html>


More information about the Users mailing list