Hi, Any help would be appreciated!!
Regards, Amarnath On Thu, Jun 28, 2018 at 11:56 AM Amarnath Kanchivanam < [email protected]> wrote: > Hi All, > > I'm trying to configured kamailio as TLS server with below configuration > (tls.cfg) and TLS server is started successfully. > > [server:default] > method = TLSv1+ > verify_certificate = yes > require_certificate = yes > private_key = ./sip/server.key > certificate = ./sip/server.crt > ca_list = ./bundle.crt > crl = ./sip_crl.pem > verify_depth = 9 > > [client:default] > verify_certificate = no > require_certificate = no > > TLS connection works fine. > Later i have updated the sip_crl.pem with server certificate revoked > details and performed tls.reload command to load the latest update. > After this I expect any TLS client trying to establish TLS connection > should fail, as the client and server certificates are signed by same > authority and server certificate is revoked. But the clients are able to > establish TLS connection without any errors. > > I'm not getting any traces to confirm CRL validation has been performed > before accepting the TLS connection. > > Any advice would be help to proceed with evaluating CRL functionality. > > -Amar >
_______________________________________________ Kamailio (SER) - Development Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
