On Thu, Feb 10, 2011 at 4:02 PM, Lars Schiller <[email protected]>wrote:
> Hi, > > using sipx 4.4.0 I am trying to import data via LDAP with TLS. OpenLDAP and > sipx are on the same server. It works as long as I do not use TLS. With a > LDAP browser like JXplorer even TLS works. > I sniffed the network traffic on the loopback interface with Wireshark. > There is a TLS Alert, Certificate Unknown. I made the certificates myself > for testing purposes. Do I need to import them? If so, it does not work. I > get the message „Unable to validate certificate“. Is anything wrong with > the certificates? > In order to import a certificate you have to use: System/Certificates/Certificate Authority. During import there is a script that validates the certificate and it accepts only certificates with .pem or .crt extension More than this, DER (binary) certificates are not accepted. You have to use a PEM certificate: If you have a DER one you can use this to transform it in PEM certificate: openssl x509 -inform der -in verisignclass3ca.cer -out verisignclass3ca.crt (from: https://www.sslshopper.com/ssl-converter.html) > But why does the LDAP browser accepts it? > Well, perhaps the LDAP browser does not use such a strong validator... > Regards, > > Lars > > _______________________________________________ > sipx-dev mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-dev/ >
_______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev/
