[asterisk-users] Calendar: cert mismatch
James Cloos
cloos at jhcloos.com
Mon Feb 25 18:45:46 CST 2013
>>>>> "PD" == Phil Daws <uxbod at splatnix.net> writes:
PD> It does generate a validity warning, as its self-signed, though I have
PD> added it to the PBX ca-bundle.crt. Am I right in assuming that
PD> Asterisk will use the default OpenSSL paths for where certificates are
PD> stored ?
The error said that the hostname in the uri does not match (any of) the
hostname(s) in the cert.
Does the self-signed cert have the hostname in either the CN or in (any
of) the dnsName(s) in the subjectAltName section?
It might work better if you created a local CA and used that to sign an
end-entity cert for each server which needs one. Then add that CA cert
to the bundle. Recent versions of tls (claim to have) deprecated the
idea of using self-signed certs for anything other than root ca certs,
but you can always create your own CA.
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 1024D/ED7DAEA6
More information about the asterisk-users
mailing list