In dabbling around the new Certificate Authority importing capability, I came across what I may believe to be an issue.
I obtained a certificate for the Google Internet Authority and tried to import it into my system so that it could be included as a trusted authority. The importing of this certificate failed. Upon closer investigation, I noticed that when sipXconfig checks the certificate (using the check-cert.sh script), it doesn't provide any parameters as to what to check. The default in the script is to check the certificate for being valid as a Client Certficate and Server Certificate rather than just checking the Certificate Authority (done using the --certificate-authority flag). Should the checking of this certificate on import only be for the Certificate Authority and does it need to check it for use as an SSL Client and/or SSL Server certificate? Raymond _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
