[Freeswitch-users] SSL cert required fields
Brian West
brian at freeswitch.org
Tue Jul 29 01:23:54 MSD 2014
The one generated for DTLS isn't the same one you would setup for your WSS
connectivity.
On Mon, Jul 28, 2014 at 2:10 PM, sangdrax8 <sangdrax8 at gmail.com> wrote:
> I can get my latest freeswitch to run TLS profiles if I use the provided
> scripts to genenrate the CA and the server certs, but not with my own
> certs. The TLS profile does start with my cert, but when I connect, it
> does not provide a cert to the client.
>
> The only differences I can see in the server cert are the following fields:
>
> X509v3 Authority Key Identifier:
> DirName:/CN=FreeSWITCH CA/O=FreeSWITCH
> serial:91:F9:22:5D:22:38:6B:09
>
> X509v3 Subject Alternative Name:
> DNS:test.freeswitch.org
> Netscape Cert Type:
> SSL Server
> X509v3 Extended Key Usage:
> TLS Web Server Authentication
>
>
> As I understand it, the Netscape and Usage designations are not used by
> freeswitch at this time. So I wouldn't expect them to cause an issue,
> unless this has changed since the documentation was written.
>
> I have the x509v3 Authority Key Identifier, with a keyid field, but I
> don't have these other two fields which the script puts. Are these
> required?
>
> I also do not have a Alt name defined in my cert, but I wouldn't have
> thought this would be a required field either.
>
> I can't find anything else that appears different to me. If someone can
> clarify what is required for Freeswitch to use a cert, it would be greatly
> appreciated!
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
--
*Brian West*
brian at freeswitch.org
*Twitter: @FreeSWITCH , @briankwest*
http://www.freeswitchbook.com
http://www.freeswitchcookbook.com
*T:*+19184209001 | *F:*+19184209002 | *M:*+1918424WEST (9378)
*iNUM:*+883 5100 1420 9001 | *ISN:*410*543 | *Skype:*briankwest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140728/c41063cf/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list