[Blink] Blink not recognizing private CA certificate

Saúl Ibarra Corretgé saul at ag-projects.com
Tue Dec 2 11:40:13 CET 2014


Hi Ben,

Sorry for the delay, this got lost in my inbox :-S

On 10 Nov 2014, at 00:20, Ben Klang <bklang at mojolingo.com> wrote:

> Hello all,
> 
> I’m trying to figure out where Blink’s CA certificate store is.  I’m using Blink Pro on OS X (Yosemite).  I’ve imported my CA certificate into both my Login and System keychains and set it to trusted.  Safari validates the certificate fine. But when I try to connect to my Asterisk 13 instance secured with TLS, I get the error “503 SSL certificate verification error (PJSIP_TLS_ECERTVERIF)”.  Disabling the certificate check in the Advanced section makes the registration work.  What am I missing?
> 

Currently Blink has the limitation that it can only use one set of TLS settings, that is, certificate + key and CA bundle. All of them are required to get the TLS transport working and Blink comes with a bundled CA cert (a dummy one). There is no setting for it because we have some internal fixes to do before we can make it actually useful. 

You could replace /Applications/Blink\ Pro.app/Contents/Resources/ca.crt with your own CA bundle, but I guess OSX would complain about signatures…

TLDR: right now it’s not really possible to do server verification.


Cheers,

--
Saúl Ibarra Corretgé
AG Projects



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.ag-projects.com/pipermail/blink/attachments/20141202/71e9f618/attachment.pgp>


More information about the Blink mailing list