<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
the module in kamailio doesn't have an option for ca list. This
should be a configuration option for ldap server to know which
trusted CA to use. The ldap client library should have the option to
set the certificate and key.<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<div class="moz-cite-prefix">On 10/04/14 00:27, Slava Bendersky
wrote:<br>
</div>
<blockquote
cite="mid:1430766563.4523155.1397082421257.JavaMail.zimbra@skillsearch.ca"
type="cite">
<div style="font-family: lucida console,sans-serif; font-size:
12pt; color: #000000">
<div>Hello Everyone,<br>
</div>
<div>Tried look through documentation and couldn't find anything
about it ?<br>
</div>
<div>Any suggestions ?<br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Slava.<br>
</div>
<div><br>
</div>
<div><br>
</div>
<hr id="zwchr">
<div
style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"
data-mce-style="color: #000; font-weight: normal; font-style:
normal; text-decoration: none; font-family:
Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"Slava
Bendersky" <a class="moz-txt-link-rfc2396E" href="mailto:volga629@networklab.ca"><volga629@networklab.ca></a><br>
<b>To: </b><a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<b>Sent: </b>Monday, April 7, 2014 1:57:53 PM<br>
<b>Subject: </b>[SR-Users] ldap SSL<br>
<div><br>
</div>
<div style="font-family: lucida console,sans-serif; font-size:
12pt; color: #000000" data-mce-style="font-family: lucida
console,sans-serif; font-size: 12pt; color: #000000;">
<div>Hello Everyone,<br>
</div>
<div>How I can specify ldap CA cert in ldap configuration ?<br>
</div>
<div><br>
</div>
<div>The directive ca_list bellow is ignored.<br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>[07/Apr/2014:13:40:37 -0400] conn=20 op=-1 fd=70 closed
- Peer does not recognize and trust the CA that issued
your certificate.<br>
[07/Apr/2014:13:40:37 -0400] conn=22 op=-1 fd=64 closed -
Encountered end of file.<br>
<div><br>
</div>
</div>
<div><br>
</div>
<div>Current config<br>
</div>
<div><br>
</div>
<div>ldap_server_url = <a class="moz-txt-link-rfc2396E" href="ldaps://ds389.network.com:636">"ldaps://ds389.network.com:636"</a><br>
ldap_bind_dn = "uid=adm,ou=People,dc=network,dc=com"<br>
ldap_bind_password = "password"<br>
authtype = simple<br>
tls = on<br>
ca_list = /etc/kamailio/cert/ca-cert_ldap.pem<br>
<div><br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users
mailing list<br>
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</div>
<div><br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla - <a class="moz-txt-link-freetext" href="http://www.asipto.com">http://www.asipto.com</a>
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a></pre>
</body>
</html>