List Info

Thread: RE: MTLS
RE: MTLS
user name
 2006-05-25 16:50:34 
I've been working this issue with Live Communication
Server.  

I have had the current version of Repro connected with TLS
between two
servers, I will chime in on this later today, I'm just to
buried to
write it up at the moment, but I also plan on writing a
document on this
add adding it to the documentation.

I have had some success with LCS and outbound connections
(Repro->LCS),
which seems to work OK, but I haven't completed this step
do to
certificate requirements for LCS.  But the LCS->Repro
connection
completely fails in the OpenSSL layer, and I haven't
determined why.

Kenny.

-----Original Message-----
From: Scott Godin [mailto:slgodinicescape.com] 
Sent: Thursday, May 25, 2006 10:47 AM
To: Kenny Goers; repro-devellist.sipfoundry.org
Subject: RE: [repro-devel] MTLS

To connect to LCS with TLS the addTransport call must
specify a security
type of SSLv23.  Since repro does not specify this argument
(it uses the
default of TLSv1) - it will not work as is.  You must modify
the
addTransport code in repro.cxx in order to get this to work.
 Note:  We
should add a command line switch for this.

As for MTLS - this simply means that the both client and
server ends of
the TLS connection perform certificate and domain name
validation.
Repro does not perform MTLS connection checks (it does
client side
checks only), but it can be used with systems that do -
since it will
provide its certificate to the far end, if/when requested.

Scott

> -----Original Message-----
> From: repro-devel-bounceslist.sipfoundry.org
[mailto:repro-devel-
> bounceslist.sipfoundry.org] On Behalf Of Kenny Goers
> Sent: Wednesday, May 24, 2006 9:50 AM
> To: repro-devellist.sipfoundry.org
> Subject: [repro-devel] MTLS
> 
> 
> Hello all,
> 
> I've been working to get Repro to connect to LCS using
various setups,
> but using any kind of TLS/secure connection causes it
to fail.  I'm
> guessing this is because Microsoft is using a custom
form of TLS it
> calls MTLS.  Does anyone know if OpenSSL supports MTLS?
 Or is it a
> custom implementation?
> 
> I've tried but have been unable to find ANY useful
information on
MTLS.
> 
> Thanks,
> Kenny.
> _______________________________________________
> repro-devel mailing list
> repro-devellist.sipfoundry.org
> https://list.sipfoundry.org/mailman/listinfo/repro-devel

_______________________________________________
repro-devel mailing list
repro-devellist.sipfoundry.org
https://list.sipfoundry.org/mailman/listinfo/repro-devel
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )