[SIP Beyond VoIP] TLS certificate of sip2sip.info is "wrong"
Iñaki Baz Castillo
ibc at aliax.net
Wed Jan 22 15:24:20 CET 2014
Hi,
After NAPTR / SRV procedures, sip2sip.info domain points to host
proxy.sipthor.net and port 443 for SIP over TLS.
The server certificate has the following fields:
- CN: *.sipthor.net
- SubjectAltNames:
- DNS:*.sipthor.net
- DNS:sipthor.net
But when using a sip2sip.info account, the client expects to connect
to a TLS server that provides a certificate for the domain
sip2sip.info or *.sip2sip.info in the CN or SubjectAltName fields.
This is not the case at all, so the TLS validation of the server's
certificate fails.
--
Iñaki Baz Castillo
<ibc at aliax.net>
More information about the SIPBeyondVoIP
mailing list