[asterisk-bugs] [JIRA] (ASTERISK-24158) asterisk can't validate wildcard certificate
Bradley Watkins (JIRA)
noreply at issues.asterisk.org
Tue Aug 5 08:46:57 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-24158?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=221211#comment-221211 ]
Bradley Watkins commented on ASTERISK-24158:
--------------------------------------------
It should not work, per RFC 5922, Section 7.2:
Implementations MUST NOT match any form of wildcard, such as a
leading "." or "*." with any other DNS label or sequence of
labels. For example, "*.example.com" matches only
"*.example.com" but not "foo.example.com". Similarly,
".example.com" matches only ".example.com", and does not match
"foo.example.com".
> asterisk can't validate wildcard certificate
> --------------------------------------------
>
> Key: ASTERISK-24158
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24158
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Affects Versions: 11.12.0
> Reporter: Paolo Compagnini
> Severity: Minor
> Attachments: sip.conf
>
>
> asterisk can't validate wildcard certificate. i.e. validation will fail for CN=*.example.org and hostname=sipsrv.example.org
> In main/tcptls.c a simple strcasecmp is done for comparing hostname and common name(CN) of the certificate.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list