[SR-Users] Kamailio TLS with intermediate CA certificates
Daniel-Constantin Mierla
miconda at gmail.com
Mon Jan 30 13:53:35 CET 2012
Hello,
On 1/29/12 2:53 PM, Daniel Pocock wrote:
>>> Construct the PEM file in this exact order:
>>>
>>> cat server.example.com.pem> chain-server.example.com.pem
>>> cat inter2.pem>> chain-server.example.com.pem
>>> cat inter1.pem>> chain-server.example.com.pem
>>>
>>> and then, in tls.cfg:
>>>
>>> certificate=chain-server.example.com.pem
>>>
>> This applies to almost all OpenSSL based implementations. But it should be documented somewhere.
>>
> This post will probably end up in Google - so people will find it that
> way (including me, when I've forgotten this little detail at some point
> in the future)
>
> It's a little bit different in Apache, where the user specifies a file
> containing intermediate certs - many of the CAs give instructions for
> adding that file in Apache, but they make no mention of
> OpenSSL/Kamailio/concatenating everything, so I imagine people will get
> stuck on things like this
we can include your notes to the readme, they may help people looking
for same subject in the future.
If you create a patch against a docbook xml file in
modules/tls/doc/*.xml, adding a new section or to Important Notes, then
we will commit.
As a general policy, we are happy always to get improvements to
documentation, for large enhancements we can allow git commit as well.
Cheers,
Daniel
--
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda
More information about the sr-users
mailing list