I am trying to enable a mutual TLS handshake in Asterisk 1.8 SVN release 360138. I have already enabled TLS, but in normal mode, where only the server is authenticated and the client is authenticated through the classic SIP HTTP MD5 authentication. I am trying to enable mutual certificate authentication for both the client and the server.
I searched on the internet and I found that there exists a command like:
tlsverifyclient=yes or
tls_verify_client=yes or
AST_SSL_VERIFY_CLIENT=1
Also, from the web page
svn.dd-wrt.com:8000/browser/src/ … ?rev=17004
Looking at the source code, I can see at lines 167 and 168 that the AST_SSL_VERIFY_CLIENT parameter is checked.
Also, at line 173 I see the error message I receive in my CLI console: ‘No peer SSL certificate’.
I also tried the tlscapath=</path/to/ca/dir> command, where I installed all the PEM certificates in one folder and ran the command c_rehash . to create their hash names.
Still, even though I tried all the possible combinations, I cannot manage to make it work.
Always, when the first client tries to register, the CLI console says:
– Unregistered SIP ‘201’
[Jun 15 00:19:16] WARNING[27245]: tcptls.c:186 handle_tcptls_connection: No peer SSL certificate
Any kind of help will be highly appreciated!
Any ideas?