[Freeswitch-users] How to generate client certificates using commercial certificate?
Rajil Saraswat
rajil.s at gmail.com
Sun Jan 4 03:18:34 MSK 2015
Hello,
I would like to use a commercial certificate to generate client
certificates for my TLS sip clients. I have received the following
files for my server from PositiveSSL
Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODORSAAddTrustCA.crt
Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
Your PositiveSSL Certificate - myserver_dyndns_org.crt
I did the following to create the files in freeswitch/conf/ssl
a) cat myserver.key myserver_dyndns_org.crt>agent.pem
b) cat COMODORSADomainValidationSecureServerCA.crt
COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > cafile.pem
Testing the server works:
openssl s_client -showcerts -connect myserver.dyndns.org:5061
*****SNIP****
Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=myserver.dyndns.org
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA
Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 6108 bytes and written 442 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
*****SNIP******
How do i create the certificates for the clients now?
Thanks
Rajil
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list