[asterisk-users] PJSIP to Twilio over TLS - wildcard cert problem
Kingsley Tart
kingsley at dns99.co.uk
Wed Dec 1 18:21:24 CST 2021
On Wed, 2021-12-01 at 22:54 +0100, Antony Stone wrote:
> So, https://datatracker.ietf.org/doc/html/rfc5922#section-7.2 does seem pretty
> clear about this. "Implementations MUST NOT match any form of wildcard"
>
> Have you contacted the provider who is using a wildcard certificate in this way
> and referred them to the RFC?
No I haven't, but if I did I suspect they would take no notice. Twilio
is a big provider who do what they do because they can.
And I can see why they do this, because customers can set up their own
SIP trunks on their system with their unique hostname, so it makes
sense for them to have a wildcard cert, whether in violation of the RFC
or not.
--
Cheers,
Kingsley.
More information about the asterisk-users
mailing list