[SIP Beyond VoIP] TLS certificate of sip2sip.info is "wrong"

Iñaki Baz Castillo ibc at aliax.net
Wed Jan 22 15:38:50 CET 2014


2014/1/22 Adrian Georgescu <ag at ag-projects.com>:
> I believe the cert is bound to the A record where the client attempts to connect after NAPTR and SRV record lookups. A domain is served by different A records for different services and the client should use the A record name for validation rather than the original domain.

Hi Adrian!

Honestly, I must re-check it, but for now I will say that AFAIR I am
right and you are wrong, so the domain in the certificate must match
the *original* SIP domain the client is connecting to, this is: the
domain in the Request-URI !

Regards.


-- 
Iñaki Baz Castillo
<ibc at aliax.net>


More information about the SIPBeyondVoIP mailing list