[Freeswitch-users] Peer Subject Mismatch (incoming connection)
Xenia Obolenskaya
j4v28bsjtp43hnf865 at gmail.com
Tue Jun 19 04:45:54 UTC 2018
Hi, All,
Peer Subject Mismatch (incoming connection) - WHY MISMATCH? WHAT MISMATCH?
Why Peer Certificate Subject 0: "sip.obolenskaya.su" is mismatching realm
(which is correctly resolving with DNS SRV including port) "
sip.obolenskaya.su"?
The same CA certificate was placed in cafile.pem on both peers.
Peer Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a7:17:ad:32:72:ce:b5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: O=FS, CN=My_FS
Validity
Not Before: Jun 18 07:42:08 2018 GMT
Not After : Dec 9 07:42:08 2023 GMT
Subject: O=FS, CN=obolenskaya.su
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ef:31:86:e6:dd:13:2d:92:e1:2b:7a:14:7f:de:
0f:11:97:2b:d9:de:bf:1e:6b:bc:90:ef:8e:04:2a:
99:7b:58:a1:39:94:01:42:00:38:6e:e0:1c:cf:13:
7f:25:2d:f2:c0:0f:ed:0d:ad:0e:e9:37:40:32:ae:
92:2e:58:b0:79:2b:bf:16:5a:11:86:5b:18:bd:a1:
b0:3c:2a:2f:cb:bd:52:c5:dd:a1:94:64:96:18:3a:
77:eb:0d:b3:65:24:ff:22:d9:3b:55:a7:13:bc:1c:
d2:61:be:40:e1:1c:43:87:c9:78:ab:b4:55:95:fd:
52:f6:e7:e3:04:ed:50:86:d3:19:53:67:07:30:d4:
08:62:c6:a2:f5:e9:07:71:5e:03:af:96:1a:89:39:
db:cf:6f:21:be:46:61:6b:cc:2c:10:99:b4:cf:32:
db:c1:a3:0d:03:5d:1f:30:45:4e:ca:ff:f4:ba:ad:
d9:4f:6a:5a:f6:42:41:82:d4:3f:39:f9:5a:98:95:
1a:c1:e4:4f:5c:a0:e3:a0:dd:1c:a6:65:f9:98:15:
f0:8b:18:c5:0d:8f:67:17:4c:5c:ef:ed:fc:b5:42:
80:0f:c8:e4:e6:02:73:c6:8d:8f:1c:94:4d:de:90:
eb:24:05:94:36:f3:76:8c:62:a2:80:e6:57:24:06:
0d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Subject Alternative Name:
DNS:sip.obolenskaya.su, DNS:obolenskaya.su
Signature Algorithm: sha256WithRSAEncryption
5a:54:62:45:66:71:3c:11:b8:01:21:e2:bb:bb:3c:ca:0d:23:
c8:d2:3e:5b:9f:93:28:cd:4d:df:b0:82:8f:76:b3:9e:0c:4a:
91:e1:f5:c7:aa:ae:26:a1:c5:87:a5:16:8f:60:6f:6b:f6:80:
f8:7f:f9:12:f3:87:bf:63:52:da:1b:35:c7:31:16:d0:4f:7c:
49:71:f4:77:99:4c:64:97:a0:bb:e3:cb:b5:67:64:64:c4:f4:
93:7e:55:35:3e:07:ad:9c:b5:a7:01:89:14:a1:e8:2f:44:ea:
8e:f6:66:79:1b:5d:51:7f:e2:41:b5:cc:97:da:62:db:68:40:
8f:82:68:8c:5c:da:26:d2:1f:43:0c:ea:3b:14:6d:15:0e:d4:
12:92:a0:89:8e:42:e5:1e:33:cc:55:64:fc:11:30:5b:f9:15:
cd:47:61:b5:b3:b4:6d:26:ee:dd:68:6a:6b:b3:15:28:41:d4:
ee:d5:60:cd:e7:59:3c:91:45:6c:85:79:78:87:a5:24:ca:0f:
33:ec:b2:03:7f:03:81:a6:b5:8a:22:e2:98:30:32:06:5f:f9:
7b:ec:c3:d6:a7:aa:e8:db:29:6b:e0:be:97:59:51:be:a0:69:
00:61:86:e5:ea:93:fb:45:b4:6c:aa:d7:e3:01:54:e7:a6:7d:
7f:9b:0a:d5
Very simple gateway:
<gateway name="my_freeswitch">
<param name="username" value="1234"/>
<param name="realm" value="sip.obolenskaya.su"/>
<param name="password" value="my_strong_password"/>
<param name="register-transport" value="tls"/>
</gateway>
Some relevant tls-setings:
<settings>
<param name="tls" value="true"/>
<param name="tls-only" value="true"/>
<param name="tls-bind-params" value="transport=tls"/>
<param name="tls-sip-port" value="5061"/>
<param name="tls-cert-dir" value="/usr/local/freeswitch/certs"/>
<param name="tls-passphrase" value=""/>
<param name="tls-verify-date" value="true"/>
<param name="tls-verify-policy" value="subjects_all"/>
<param name="tls-verify-depth" value="2"/>
param name="tls-verify-in-subjects" value="CN"/>
<param name="tls-version" value="tlsv1.2"/>
</settings>
[NOTICE] sofia_reg.c:448 Registering my_freeswitch
tport.c:3257 tport_tsend() tport_tsend(0x7f9c2c094410) tpn =
tls/2a02:b184:3:1a11::2ba1:5061
tport.c:4046 tport_resolve() tport_resolve addrinfo =
[2a02:b184:3:1a11::2ba1]:5061
tport.c:4680 tport_by_addrinfo() tport_by_addrinfo(0x7f9c2c094410): not
found by name tls/2a02:b184:3:1a11::2ba1:5061
tport.c:4680 tport_by_addrinfo() tport_by_addrinfo(0x7f9c2c094410): not
found by name tls/2a02:b184:3:1a11::2ba1:5061
tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f9c2c094410):
new secondary tport 0x7f9c2c068f10
tport_type_tcp.c:203 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c2c068f10): Setting TCP_KEEPIDLE to 30
tport_type_tcp.c:209 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c2c068f10): Setting TCP_KEEPINTVL to 30
tport_type_tls.c:683 tport_tls_connect() tport_tls_connect(0x7f9c2c068f10):
connecting to tls/[2a02:b184:3:1a11::2ba1]:5061/sips
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c2c068f10): reset timer
tport.c:3782 tport_queue() tport_queue(0x7f9c2c068f10): queueing
0x7f9c2c05d030 for tls/[2a02:b184:3:1a11::2ba1]:5061
tport.c:4160 tport_pend() tport_pend(0x7f9c2c068f10): pending
0x7f9c2c05d030 for tls/[2a02:b184:3:1a11::2ba1]:5061 (already 0)
tport_tls.c:956 tls_connect() tls_connect(0x7f9c2c068f10): events CONNECTING
tport_tls.c:956 tls_connect() tls_connect(0x7f9c2c068f10): events
NEGOTIATING
tport_tls.c:956 tls_connect() tls_connect(0x7f9c2c068f10): events
NEGOTIATING
tport_tls.c:599 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c068f10): TLS cipher chosen (name):
ECDHE-RSA-AES256-GCM-SHA384
tport_tls.c:601 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c068f10): TLS cipher chosen (version):
TLSv1/SSLv3
tport_tls.c:604 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c068f10): TLS cipher chosen
(bits/alg_bits): 256/256
tport_tls.c:607 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c068f10): TLS cipher chosen (description):
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256)
Mac=AEAD
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c068f10): Peer Certificate Subject 0:
sip.obolenskaya.su
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c068f10): Peer Certificate Subject 1:
obolenskaya.su
tport.c:3923 tport_send_event() tport_send_event(0x7f9c2c068f10) - ready to
send to (tls/[2a02:b184:3:1a11::2ba1]:5061)
tport_type_tls.c:534 tport_tls_send() tport_tls_writevec: vec
0x7f9c2c0af610 0x7f9c2c09db90 637 (637)
tport.c:3594 tport_vsend() tport_vsend(0x7f9c2c068f10): 637 bytes of 637 to
tls/[2a02:b184:3:1a11::2ba1]:5061
tport.c:3492 tport_send_msg() tport_vsend returned 637
tport_type_tls.c:338 tport_tls_set_events()
tport_tls_set_events(0x7f9c2c068f10): logical events IN real IN
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c2c068f10): reset timer
tport.c:2773 tport_wakeup() tport_wakeup(0x7f9c2c068f10): events IN
tport.c:2864 tport_recv_event() tport_recv_event(0x7f9c2c068f10)
tport_type_tls.c:434 tport_tls_recv() tport_tls_recv(0x7f9c2c068f10):
tls_read() returned 653
tport.c:3205 tport_recv_iovec() tport_recv_iovec(0x7f9c2c068f10) msg
0x7f9c2c089c70 from (tls/[2a02:b184:3:1a11::2ba1]:5061) has 653 bytes,
veclen = 1
tport.c:3023 tport_deliver() tport_deliver(0x7f9c2c068f10): msg
0x7f9c2c089c70 (653 bytes) from tls/[2a02:b184:3:1a11::2ba1]:5061/sips
next=(nil)
tport.c:4222 tport_release() tport_release(0x7f9c2c068f10): 0x7f9c2c05d030
by 0x7f9c2c0672c0 with 0x7f9c2c089c70
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c2c068f10): reset timer
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c2c068f10): reset timer
tport.c:3257 tport_tsend() tport_tsend(0x7f9c2c094410) tpn =
tls/2a02:b184:3:1a11::2ba1:5061
tport.c:4046 tport_resolve() tport_resolve addrinfo =
[2a02:b184:3:1a11::2ba1]:5061
tport.c:4677 tport_by_addrinfo() tport_by_addrinfo(0x7f9c2c094410): found
0x7f9c2c068f10 by name tls/2a02:b184:3:1a11::2ba1:5061
tport_type_tls.c:534 tport_tls_send() tport_tls_writevec: vec
0x7f9c2c0af610 0x7f9c2c080930 912 (912)
tport.c:3594 tport_vsend() tport_vsend(0x7f9c2c068f10): 912 bytes of 912 to
tls/[2a02:b184:3:1a11::2ba1]:5061
tport.c:3492 tport_send_msg() tport_vsend returned 912
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c2c068f10): reset timer
tport.c:4160 tport_pend() tport_pend(0x7f9c2c068f10): pending
0x7f9c2c05d030 for tls/[2a02:b184:3:1a11::2ba1]:5061 (already 0)
tport.c:2773 tport_wakeup() tport_wakeup(0x7f9c2c068f10): events IN
tport.c:2864 tport_recv_event() tport_recv_event(0x7f9c2c068f10)
tport_type_tls.c:434 tport_tls_recv() tport_tls_recv(0x7f9c2c068f10):
tls_read() returned 654
tport.c:3205 tport_recv_iovec() tport_recv_iovec(0x7f9c2c068f10) msg
0x7f9c2c089c70 from (tls/[2a02:b184:3:1a11::2ba1]:5061) has 654 bytes,
veclen = 1
tport.c:3023 tport_deliver() tport_deliver(0x7f9c2c068f10): msg
0x7f9c2c089c70 (654 bytes) from tls/[2a02:b184:3:1a11::2ba1]:5061/sips
next=(nil)
tport.c:4222 tport_release() tport_release(0x7f9c2c068f10): 0x7f9c2c05d030
by 0x7f9c2c067080 with 0x7f9c2c089c70
tport.c:4160 tport_pend() tport_pend(0x7f9c2c068f10): pending (nil) for
tls/[2a02:b184:3:1a11::2ba1]:5061 (already 0)
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c2c068f10): reset timer
tport.c:2749 tport_wakeup_pri() tport_wakeup_pri(0x7f9c2c094410): events IN
tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f9c2c094410):
new secondary tport 0x7f9c2c082960
tport_type_tcp.c:203 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c2c082960): Setting TCP_KEEPIDLE to 30
tport_type_tcp.c:209 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c2c082960): Setting TCP_KEEPINTVL to 30
tport_type_tls.c:610 tport_tls_accept() tport_tls_accept(0x7f9c2c082960):
new connection from tls/[2a02:b184:3:1a11::2ba1]:52886/sips
tport_tls.c:956 tls_connect() tls_connect(0x7f9c2c082960): events
NEGOTIATING
tport_tls.c:956 tls_connect() tls_connect(0x7f9c2c082960): events
NEGOTIATING
tport_tls.c:599 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): TLS cipher chosen (name):
ECDHE-RSA-AES256-GCM-SHA384
tport_tls.c:601 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): TLS cipher chosen (version):
TLSv1/SSLv3
tport_tls.c:604 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): TLS cipher chosen
(bits/alg_bits): 256/256
tport_tls.c:607 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): TLS cipher chosen (description):
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256)
Mac=AEAD
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): Peer Certificate Subject 0:
sip.obolenskaya.su
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): Peer Certificate Subject 1:
obolenskaya.su
tport_tls.c:721 tls_post_connection_check()
tls_post_connection_check(0x7f9c2c082960): Peer Subject Mismatch (incoming
connection)
tport.c:2090 tport_close() tport_close(0x7f9c2c082960):
tls/[2a02:b184:3:1a11::2ba1]:52886/sips
tport.c:2263 tport_set_secondary_timer() tport(0x7f9c2c082960): set timer
at 0 ms because zap
If this setting changed the mismatch disappear:
<param name="tls-verify-policy" value="subjects_out|in"/>
[NOTICE] sofia_reg.c:448 Registering my_freeswitch
tport.c:3257 tport_tsend() tport_tsend(0x7f9c1c046570) tpn =
tls/2a02:b184:3:1a11::2ba1:5061
tport.c:4046 tport_resolve() tport_resolve addrinfo =
[2a02:b184:3:1a11::2ba1]:5061
tport.c:4680 tport_by_addrinfo() tport_by_addrinfo(0x7f9c1c046570): not
found by name tls/2a02:b184:3:1a11::2ba1:5061
tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f9c1c046570):
new secondary tport 0x7f9c1c07fa60
tport_type_tcp.c:203 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c1c07fa60): Setting TCP_KEEPIDLE to 30
tport_type_tcp.c:209 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c1c07fa60): Setting TCP_KEEPINTVL to 30
tport_type_tls.c:683 tport_tls_connect() tport_tls_connect(0x7f9c1c07fa60):
connecting to tls/[2a02:b184:3:1a11::2ba1]:5061/sips
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c07fa60): reset timer
tport.c:3782 tport_queue() tport_queue(0x7f9c1c07fa60): queueing
0x7f9c1c03a460 for tls/[2a02:b184:3:1a11::2ba1]:5061
tport.c:4160 tport_pend() tport_pend(0x7f9c1c07fa60): pending
0x7f9c1c03a460 for tls/[2a02:b184:3:1a11::2ba1]:5061 (already 0)
tport_tls.c:956 tls_connect() tls_connect(0x7f9c1c07fa60): events CONNECTING
tport_tls.c:956 tls_connect() tls_connect(0x7f9c1c07fa60): events
NEGOTIATING
tport_tls.c:956 tls_connect() tls_connect(0x7f9c1c07fa60): events
NEGOTIATING
tport_tls.c:599 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c07fa60): TLS cipher chosen (name):
ECDHE-RSA-AES256-GCM-SHA384
tport_tls.c:601 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c07fa60): TLS cipher chosen (version):
TLSv1/SSLv3
tport_tls.c:604 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c07fa60): TLS cipher chosen
(bits/alg_bits): 256/256
tport_tls.c:607 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c07fa60): TLS cipher chosen (description):
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256)
Mac=AEAD
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c07fa60): Peer Certificate Subject 0:
sip.obolenskaya.su
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c07fa60): Peer Certificate Subject 1:
obolenskaya.su
tport.c:3923 tport_send_event() tport_send_event(0x7f9c1c07fa60) - ready to
send to (tls/[2a02:b184:3:1a11::2ba1]:5061)
tport_type_tls.c:534 tport_tls_send() tport_tls_writevec: vec
0x7f9c1c0a4750 0x7f9c1c058cb0 637 (637)
tport.c:3594 tport_vsend() tport_vsend(0x7f9c1c07fa60): 637 bytes of 637 to
tls/[2a02:b184:3:1a11::2ba1]:5061
tport.c:3492 tport_send_msg() tport_vsend returned 637
tport_type_tls.c:338 tport_tls_set_events()
tport_tls_set_events(0x7f9c1c07fa60): logical events IN real IN
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c07fa60): reset timer
tport.c:2773 tport_wakeup() tport_wakeup(0x7f9c1c07fa60): events IN
tport.c:2864 tport_recv_event() tport_recv_event(0x7f9c1c07fa60)
tport_type_tls.c:434 tport_tls_recv() tport_tls_recv(0x7f9c1c07fa60):
tls_read() returned 653
tport.c:3205 tport_recv_iovec() tport_recv_iovec(0x7f9c1c07fa60) msg
0x7f9c1c09c620 from (tls/[2a02:b184:3:1a11::2ba1]:5061) has 653 bytes,
veclen = 1
tport.c:3023 tport_deliver() tport_deliver(0x7f9c1c07fa60): msg
0x7f9c1c09c620 (653 bytes) from tls/[2a02:b184:3:1a11::2ba1]:5061/sips
next=(nil)
tport.c:4222 tport_release() tport_release(0x7f9c1c07fa60): 0x7f9c1c03a460
by 0x7f9c1c0a4500 with 0x7f9c1c09c620
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c07fa60): reset timer
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c07fa60): reset timer
tport.c:3257 tport_tsend() tport_tsend(0x7f9c1c046570) tpn =
tls/2a02:b184:3:1a11::2ba1:5061
tport.c:4046 tport_resolve() tport_resolve addrinfo =
[2a02:b184:3:1a11::2ba1]:5061
tport.c:4677 tport_by_addrinfo() tport_by_addrinfo(0x7f9c1c046570): found
0x7f9c1c07fa60 by name tls/2a02:b184:3:1a11::2ba1:5061
tport_type_tls.c:534 tport_tls_send() tport_tls_writevec: vec
0x7f9c1c0a4750 0x7f9c1c09c620 912 (912)
tport.c:3594 tport_vsend() tport_vsend(0x7f9c1c07fa60): 912 bytes of 912 to
tls/[2a02:b184:3:1a11::2ba1]:5061
tport.c:3492 tport_send_msg() tport_vsend returned 912
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c07fa60): reset timer
tport.c:4160 tport_pend() tport_pend(0x7f9c1c07fa60): pending
0x7f9c1c058cb0 for tls/[2a02:b184:3:1a11::2ba1]:5061 (already 0)
tport.c:2773 tport_wakeup() tport_wakeup(0x7f9c1c07fa60): events IN
tport.c:2864 tport_recv_event() tport_recv_event(0x7f9c1c07fa60)
tport_type_tls.c:434 tport_tls_recv() tport_tls_recv(0x7f9c1c07fa60):
tls_read() returned 654
tport.c:3205 tport_recv_iovec() tport_recv_iovec(0x7f9c1c07fa60) msg
0x7f9c1c09ca30 from (tls/[2a02:b184:3:1a11::2ba1]:5061) has 654 bytes,
veclen = 1
tport.c:3023 tport_deliver() tport_deliver(0x7f9c1c07fa60): msg
0x7f9c1c09ca30 (654 bytes) from tls/[2a02:b184:3:1a11::2ba1]:5061/sips
next=(nil)
tport.c:4222 tport_release() tport_release(0x7f9c1c07fa60): 0x7f9c1c058cb0
by 0x7f9c1c09d470 with 0x7f9c1c09ca30
tport.c:4160 tport_pend() tport_pend(0x7f9c1c07fa60): pending (nil) for
tls/[2a02:b184:3:1a11::2ba1]:5061 (already 0)
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c07fa60): reset timer
tport.c:2749 tport_wakeup_pri() tport_wakeup_pri(0x7f9c1c046570): events IN
tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f9c1c046570):
new secondary tport 0x7f9c1c058cb0
tport_type_tcp.c:203 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c1c058cb0): Setting TCP_KEEPIDLE to 30
tport_type_tcp.c:209 tport_tcp_init_secondary()
tport_tcp_init_secondary(0x7f9c1c058cb0): Setting TCP_KEEPINTVL to 30
tport_type_tls.c:610 tport_tls_accept() tport_tls_accept(0x7f9c1c058cb0):
new connection from tls/[2a02:b184:3:1a11::2ba1]:40928/sips
tport_tls.c:956 tls_connect() tls_connect(0x7f9c1c058cb0): events
NEGOTIATING
tport_tls.c:956 tls_connect() tls_connect(0x7f9c1c058cb0): events
NEGOTIATING
tport_tls.c:599 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c058cb0): TLS cipher chosen (name):
ECDHE-RSA-AES256-GCM-SHA384
tport_tls.c:601 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c058cb0): TLS cipher chosen (version):
TLSv1/SSLv3
tport_tls.c:604 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c058cb0): TLS cipher chosen
(bits/alg_bits): 256/256
tport_tls.c:607 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c058cb0): TLS cipher chosen (description):
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256)
Mac=AEAD
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c058cb0): Peer Certificate Subject 0:
sip.obolenskaya.su
tport_tls.c:694 tls_post_connection_check()
tls_post_connection_check(0x7f9c1c058cb0): Peer Certificate Subject 1:
obolenskaya.su
tport.c:2296 tport_set_secondary_timer() tport(0x7f9c1c058cb0): reset timer
Now the peer can call me.
But what should I do that subjects_in will be checked correctly?
Thank you!
Xenia Obolenskaya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20180619/86b1edab/attachment-0001.html>
More information about the FreeSWITCH-users
mailing list