Hi Phil, Previous screenshot was cut by mailing list, so it is here https://screenshot.net/yzggmfv
I've sent DNs for all CAs, which has Centos 7 (/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem). There are 133 CAs. You can build and try branch 3.0: https://github.com/vasilevalex/opensips/tree/mutual_tls branch 2.4: https://github.com/vasilevalex/opensips/tree/ca_client_24 If you use certificates in DB (as I do), you should add one more column (eg. for MySQL): ALTER TABLE tls_mgm_alone ADD COLUMN ca_client_send INT(1) DEFAULT 0; And set it to 1. If you don't use certificates from DB, there is parameter for domain: modparam("tls_mgm", "ca_client_send", "[dom]1") For this domain OpenSIPS adds DNs to Certificate request. ----- --- Alexey Vasilyev -- Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
