Hi I need some clarifications how the TLS certificates are used in SipX. I'm not to familiar with this so please be kind =)
On installation SipX creates a keypair and sets up an internal CA to sign the certificate. This certificate is used by the Web-interface and internal services and the internal CA is shown in the "Certificates"->"Certificate Authorities" in SipX. Now, if I wanna use a trusted CA. I use the webgui to create a CSR and send this to the CA for signing. I get a signed certificate back that I now can install using the "Import Web Certficiate" option in the SipX GUI. After restart of some services I see that the Web-gui now uses the certificate signed by the trusted CA. Fine so far. The internal CA, can I remove that one now? I tried it and all services started failing... =) Is it still used internally for the services? I want to start using TLS on the SipXBridge SIPtrunk and want to use the certificate signed by the trusted CA, so I guess it's the trusted CA:s root certificate that I should install in the TLS peer? (as well as installing the peers CA cert in SipX using the "Import" option on the "Certificate Authorities" section of the Web GUI) /Staffan -- Staffan Kerker mail/sip/xmpp: [email protected] "There is absolutely no money above the 5th fret..." /Donald "Duck" Dunn
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
