[Freeswitch-users] Help!! FS -TLS interworking issue, How to config to allow "gentls_cert" to generate a root certificate with more longer valid-period ?
fieldpeak
fieldpeak at gmail.com
Mon Jul 30 04:57:03 MSD 2012
Could you please help advise more details? how should i do to implement
your advise... i have very few knowledge about pki, certificate and tls,
thanks a lot! :)
BR,Charles
在 2012-7-30 上午4:57,"curriegrad2004" <curriegrad2004 at gmail.com>写道:
> You do realize that if your org does have an existing PKI
> infrastructure, you can in theory skip all of that. You just need to
> know the right values to configure and that's about it. (wink, wink,
> nudge, nudge) :)
>
> On Sun, Jul 29, 2012 at 11:23 AM, Mitch Capper <mitch.capper at gmail.com>
> wrote:
> > Try running head from GIT and let us know if you still have a problem.
> >
> > ~mitch
> >
> > On Sun, Jul 29, 2012 at 5:25 AM, fieldpeak <fieldpeak at gmail.com> wrote:
> >> Hi Masters,
> >>
> >>
> >>
> >> I'm testing the TLS on FS to work with softphone.
> >>
> >>
> >>
> >> followed the wiki
> >> (http://wiki.freeswitch.org/wiki/Tls#EyeBeam.2FBria_Setup),
> >>
> >>
> >>
> >> I generated the CA (root) certificate by below command, however, when i
> >> install the root certificate on windows, it prompt me that the valid
> period
> >> is for only one month. I tried to change the "DAYS=2190" inside the
> >> "gentls_cert" script, but it only effect on server
> certificate(agent.pem)
> >> but not root certificate (cafile.pem), Could anyone please help me,
> >> appreciated for your any advise!!
> >>
> >>
> >>
> >> ./gentls_cert setup -cn fs.audiocodes.com.cn -alt DNS:
> fs.audiocodes.com.cn
> >> -org audiocodes.com.cn
> >>
> >>
> >>
> >> below is from wiki.
> >>
> >> This will create CA certificate and key along with in conf/ssl/CA
> >> directory(cacert.pem, cakey.pem) and certificate in the conf/ssl
> >> folder(cafile.pem).
> >>
> >> [ Note: The name given for -cn and -alt should be the same as the DNS
> name
> >> of your freeswitch installation and used as the registrar name on the
> phone
> >> (at least on Polycoms). ] You can change the "DAYS=2190" line in the
> >> gentls_cert file to make the certificate valid for longer time. However
> >> making it too long has some wrap around problem, it appears.
> >>
> >>
> >> To short, I want to change the valid period longer for the cafile.pem ,
> >> thanks!!
> >>
> >>
> >> --
> >> Regards,
> >> Charles
> >>
> >>
> >>
> _________________________________________________________________________
> >> Professional FreeSWITCH Consulting Services:
> >> consulting at freeswitch.org
> >> http://www.freeswitchsolutions.com
> >>
> >>
> >>
> >>
> >> Official FreeSWITCH Sites
> >> http://www.freeswitch.org
> >> http://wiki.freeswitch.org
> >> http://www.cluecon.com
> >>
> >> Join Us At ClueCon - Aug 7-9, 2012
> >>
> >> FreeSWITCH-users mailing list
> >> FreeSWITCH-users at lists.freeswitch.org
> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> >> UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> >> http://www.freeswitch.org
> >>
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting at freeswitch.org
> > http://www.freeswitchsolutions.com
> >
> >
> >
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://wiki.freeswitch.org
> > http://www.cluecon.com
> >
> > Join Us At ClueCon - Aug 7-9, 2012
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> Join Us At ClueCon - Aug 7-9, 2012
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120730/32e259b6/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list