You got me there... the doc states OpenSIPS offers SIP service for multiple 219 domains, e.g. atlanta.com and biloxi.com. Altough both domains 220 will be hosted on a single SIP proxy, the SIP proxy needs 2 221 certificates: One for atlanta.com and one for biloxi.com. For 222 incoming TLS connections If you need one cert per domain, maybe it implies that you need to have the domain as the CN instead of a SAN?
Kevin
OK so now I have this: modparam("tls_mgm","certificate", "[my.domain.name]/usr/local/etc/opensips/tls/ modparam("tls_mgm","private_key", "[my.domain.name]/usr/local/etc/opensips/tls/ modparam("tls_mgm","ca_dir", "/etc/ssl/certs") modparam("tls_mgm","verify_cert", "[my.domain.name]1") modparam("tls_mgm","require_cert", "[my.domain.name]1") modparam("tls_mgm","tls_method", "[my.domain.name]TLSv1_2") modparam("tls_mgm", "match_sip_domain", "my.domain.name") But now it claims that my.domain.name is not defined in I know it is - it is in a SAN within the certificate. Any suggestions? Many thanks Mark. On Fri, 13 Nov 2020 at 15:12, Kevin Vines <kevin.vi...@gmail.com> wrote:
Mark Farmer
farm...@gmail.com |
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users