[Freeswitch-users] How to generate client certificates using commercial certificate?

Rajil Saraswat rajil.s at gmail.com
Sun Jan 4 03:18:34 MSK 2015


I would like to use a commercial certificate to generate client
certificates for my TLS sip clients. I have received the following
files for my server from PositiveSSL

Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODORSAAddTrustCA.crt
Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
Your PositiveSSL Certificate - myserver_dyndns_org.crt

I did the following to create the files in freeswitch/conf/ssl

a) cat myserver.key myserver_dyndns_org.crt>agent.pem
b) cat COMODORSADomainValidationSecureServerCA.crt
COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > cafile.pem

Testing the server works:
openssl s_client -showcerts -connect myserver.dyndns.org:5061

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=myserver.dyndns.org
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA
Limited/CN=COMODO RSA Domain Validation Secure Server CA
No client certificate CA names sent
SSL handshake has read 6108 bytes and written 442 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported

How do i create the certificates for the clients now?


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list