Colleagues, can you please tell me if, when using SIPS, it is possible to carry out authentication and authorization not on the basis of a username and password, but on the basis of a client SSL/TLS certificate?
In other words, if the client used a well-known client certificate when establishing the connection, then the Asterisk already knows that this is peer bill_sip, with all the ensuing administrative circumstances - accepting incoming connections, setting its CID, entering IP into the registration table, etc.
Can I get information from a macro, subroutine or any other application that a client certificate was used during the connection and see its parameters?
You can see whether the connection is secured, that’s the extent of it. I believe it’s an item on the CHANNEL dialplan function. You can’t retrieve any parameters or details about the TLS connection.