I got latest master properly installed and gave ca_path a try. I placed four ca certs in directory /etc/sip-proxy/certs/ca_list:
# ls /etc/sip-proxy/certs/ca_list class3_X0E.crt dst_root_ca_x3.pem lets-encrypt-x3-cross-signed.pem root_X0F.crt Then I created file ca_list.pem that contained all of them: # cat /etc/sip-proxy/certs/ca_list/* > /etc/sip-proxy/certs/ca_list.pem In tls config file I had: [client:default] ... ca_list = /etc/sip-proxy/certs/ca_list.pem [server:default] ... ca_list = /etc/sip-proxy/certs/ca_list.pem Result was that kamailio started OK. Then in tls config file I replaced ca_list with ca_path: ca_path = /etc/sip-proxy/certs/ca_list and kamailio failed to start: Mar 23 12:19:06 lohi /usr/bin/sip-proxy[1435]: INFO: tls [tls_domain.c:329]: ksr_tls_fill_missing(): TLSs<default>: ca_list='(null)' Mar 23 12:19:06 lohi /usr/bin/sip-proxy[1435]: INFO: tls [tls_domain.c:336]: ksr_tls_fill_missing(): TLSs<default>: ca_path='/etc/sip-proxy/certs/ca_list' ... Mar 23 12:19:06 lohi /usr/bin/sip-proxy[1435]: ERROR: tls [tls_domain.c:601]: load_ca_list(): TLSs<default>: Error while setting client CA list Mar 23 12:19:06 lohi /usr/bin/sip-proxy[1435]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_ca_list:error:0200100E:system library:fopen:Bad address Mar 23 12:19:06 lohi /usr/bin/sip-proxy[1435]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_ca_list:error:20074002:BIO routines:file_ctrl:system lib Mar 23 12:19:06 lohi /usr/bin/sip-proxy[1435]: ERROR: <core> [core/sr_module.c:865]: init_mod_child(): error while initializing module tls (/usr/lib/x86_64-linux-gnu/sip-proxy/modules/tls.so) (idx: 0 rank: -127 desc: [main]) _______________________________________________ Kamailio (SER) - Development Mailing List sr-dev@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
