Hi Franz, By disabling tls_verify_client and tls_require_client_certificate any connection from a client should be accepted without any problem.
usefull is to provide the logs (startup and INVITE processing) in debug=6 - than we can see exactly what is going one. Regards, Bogdan Franz Edler wrote: > Hi TLS-experts, > > I have just made fresh installation of OpenSIPS 1.5.1 and also tried to > enable client access vie TLS. > > The relevant statements for TLS in my opensips.cfg are: > > ... > disable_tls = no > listen = tls:sip.technikum-wien.at:5061 > tls_verify_server = 1 > tls_verify_client = 0 > tls_require_client_certificate = 0 > tls_method = TLSv1 > tls_certificate = "/etc/ssl/sipserver.crt" > tls_private_key = "/etc/ssl/private/privatekey.pem" > tls_ca_list = "/etc/ssl/calist.pem" > ... > > Despite above statements the core does not accept a TLS connection of a > client due to the following log-message: > INFO:core:tls_accept: client did not present a certificate > > Please also have a look at the tracefile if required. > > Why does OpenSIPS expect the client to present a certificate? > Maybe someone can help. > > Regards > Franz > > ------------------------------------------------------------------------ > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
