[asterisk-bugs] [JIRA] (ASTERISK-24158) asterisk can't validate wildcard certificate
Paolo Compagnini (JIRA)
noreply at issues.asterisk.org
Tue Aug 5 08:39:57 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-24158?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=221209#comment-221209 ]
Paolo Compagnini commented on ASTERISK-24158:
---------------------------------------------
the relevant debug info are these 2 lines
[Aug 5 15:04:12] DEBUG[9588]: tcptls.c:642 handle_tcptls_connection: SSL Common Name compare s1='secure.dus.net' s2='*.dus.net'
[Aug 5 15:04:12] ERROR[9588]: tcptls.c:650 handle_tcptls_connection: Certificate common name did not match (secure.dus.net)
> asterisk can't validate wildcard certificate
> --------------------------------------------
>
> Key: ASTERISK-24158
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24158
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Affects Versions: 11.12.0
> Reporter: Paolo Compagnini
> Severity: Minor
> Attachments: sip.conf
>
>
> asterisk can't validate wildcard certificate. i.e. validation will fail for CN=*.example.org and hostname=sipsrv.example.org
> In main/tcptls.c a simple strcasecmp is done for comparing hostname and common name(CN) of the certificate.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list