On Fri, 2008-11-21 at 15:23 +0200, Tufan Karadere wrote: > > This, again I guess, may be something with our certificates, which are > signed by our own CA. I put the CA cert into /etc/sipxpbx/ssl/cacert > and it built the /etc/sipxpbx/ssl/.authorities.jks file, but I don't > know. The hostname of the server (padme) is different from the > hostname it gives the service with (sip), perhaps it's the cause, but > I couldn't find a way to make everything use the "sip" hostname. In > some logs, the default hostname still appears.
This may well be at the root of your problems. I'm not clear on what you mean by the hostname being different, but it doesn't sound good. The sipXecs SSL usages require that the certificates be built as specified in http://www.ietf.org/internet-drafts/draft-ietf-sip-domain-certs-02.txt in short, the host name in the subjectAltName attribute of the cert should match. If you'll post (or send me) the public part of your certificate, including the public part of the ca certificate, I can check them to see if they are compatible with our expectations (I'm travelling much of today, so I won't see any reply until tomorrow morning). _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users
