On Tue, 2008-11-18 at 10:49 -0600, Jerry Richards wrote: > Anyone know the answer to the question below? Does sofia-sip only use > "agent.pem" and "cafile.pem"? No other pem files are needed or specified? > I'm somewhat new to SSL/TLS.
Correct. "cafile.pem" should be the certs from all certificate authorities that sofia-sip should trust. If trust should be derived from multiple CAs, simply concatenate the certs from each authority together into that file. The file could look like any one of these (hotlinked): http://ca.dutchgrid.nl/medium/cacert.pem http://svn.apache.org/repos/asf/ofbiz/trunk/framework/base/cert/demoCA/cacert.pem http://curl.haxx.se/ca/cacert.pem "agent.pem" is the private key and associated certificate for the sofia stack. This is the key/cert that will identify the sofia stack. If your stack has to be authenticated by a peer, the certificate you provide must be signed by a CA that is trusted by the peer in question. If authentication is performed by some other means, the certificate in agent.pem can be self-signed. Note that the key and the certificate are concatenated together. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Sofia-sip-devel mailing list Sofia-sip-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sofia-sip-devel
