[Freeswitch-users] Using TLS certificate with intermediate CA
Thilo-Alexander Ginkel
thilo at ginkel.com
Wed Mar 24 10:40:30 UTC 2021
Hello everyone,
I am currently struggling to get FreeSWITCH
(1.10.5-release-17-25569c1631~64bit) to send the intermediate CA
certificate for a Let's Encrypt X.509 certificate to be used for
protecting SIPS traffic.
I included the certificate chain in agent.pem:
-- 8< --
-----BEGIN EC PARAMETERS-----
*REDACTED*
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
*REDACTED*
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
*SERVER CERT*
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
*INTERMEDIATE CERT*
-----END CERTIFICATE-----
-- 8< --
Still, clients are complaining about an invalid CA and openssl s_client
hints at only the server cert being sent in the server hello.
What did I miss?
Thanks,
Thilo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20210324/1c3785b9/attachment.html>
More information about the FreeSWITCH-users
mailing list