[Asterisk-Dev] Asterisk Manager encryption
Kevin P. Fleming
kpfleming at digium.com
Mon Dec 12 20:29:16 MST 2005
Tzafrir Cohen wrote:
> There's nothing inherently insecure in generating a certificate at
> install-time. This is actually exactly what ssh does.
Well, that's a key pair, not a certificate that must be signed.
> However the atvantage of openssl: being totally below the application
> layer, is also a major annoyance. The server can only be identified by
> its name or IP address. You cannot use the same certificate for several
> IP addresses.
Sure you can, just make a wildcard certificate :-) Now the only problem
is if you want to provide encrypted service for multiple domains. For
the applications we are talking about I don't think that is much of an
issue.
More information about the asterisk-dev
mailing list