Possible to have require_client_cert as yes AND no at the same time?

Hello all!

Is is possible to have “require_client_cert” set in as “yes” in one transport and “no” in another or will it just use the value from the first transport in my list? I’m wondering to know if I could configure some endpoint to require client certificates while other don’t need them.

I’m using Asterisk 18.11.2

My current configuration:

[transport-tls-ipv4]
type = transport
protocol = tls
bind = :5061
method = sslv23
require_client_cert = no
cert_file = /certs/asterisk.crt
priv_key_file=/certs/asterisk.key
ca_list_file=/certs/ca.crt

[transport-tls-ipv4-encrypted]
type = transport
protocol = tls
bind = :5061
method = sslv23
require_client_cert = yes
cert_file = /certs/asterisk.crt
priv_key_file=/certs/asterisk.key
ca_list_file=/certs/ca.crt

You can’t have two transports bound to the same port, and while PJSIP does now support multiple transports for TLS and TCP - it’s not something that has been thoroughly tested with Asterisk.

Ah, I see. Thank you for your lightning fast reply!