[Freeswitch-users] SSL cert required fields
sangdrax8
sangdrax8 at gmail.com
Mon Jul 28 23:10:25 MSD 2014
I can get my latest freeswitch to run TLS profiles if I use the provided
scripts to genenrate the CA and the server certs, but not with my own
certs. The TLS profile does start with my cert, but when I connect, it
does not provide a cert to the client.
The only differences I can see in the server cert are the following fields:
X509v3 Authority Key Identifier:
DirName:/CN=FreeSWITCH CA/O=FreeSWITCH
serial:91:F9:22:5D:22:38:6B:09
X509v3 Subject Alternative Name:
DNS:test.freeswitch.org
Netscape Cert Type:
SSL Server
X509v3 Extended Key Usage:
TLS Web Server Authentication
As I understand it, the Netscape and Usage designations are not used by
freeswitch at this time. So I wouldn't expect them to cause an issue,
unless this has changed since the documentation was written.
I have the x509v3 Authority Key Identifier, with a keyid field, but I don't
have these other two fields which the script puts. Are these required?
I also do not have a Alt name defined in my cert, but I wouldn't have
thought this would be a required field either.
I can't find anything else that appears different to me. If someone can
clarify what is required for Freeswitch to use a cert, it would be greatly
appreciated!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140728/b307fc66/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list