Hi Bill, thank for the answer and you're are right, I noticed, just after sending the this mail, that the problem was that I missed enabling verify_server flag. Now certification verification is working properly. Once again, thank you very much. Best, Joel. 2014-06-03 20:29 GMT+02:00 Bill Gardner <billg at wavearts.com>: > Did you also set --tls-verify-server option? - Bill > > > On 6/3/2014 10:31 AM, Joel Centelles wrote: > > Hi everybody, > > Currently I've a TLS connection properly configured and running with a > Kamailio server but, in order to verify my server's identity, I planned to > use tls_setting.ca_list_file option. > > I configured it and everything was OK but, the strange behaviour came > when, just for checking that non valid certificates were properly > rejected, I changed some bytes in cert file and the connection was still > established. > > I was expecting some kind of certification verification failure. May I > be misunderstanding something? > > Thank you very much. > > Regards, > Joel. > > > _______________________________________________ > Visit our blog: http://blog.pjsip.org > > pjsip mailing listpjsip at lists.pjsip.orghttp://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org > > > > _______________________________________________ > Visit our blog: http://blog.pjsip.org > > pjsip mailing list > pjsip at lists.pjsip.org > http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/attachments/20140605/3b955ef5/attachment.html>
