Sip trunk of type registration on TLS

samihep123 · February 15, 2022, 10:49am

hello,

Been trying to define a trunk from one Freepbx to another of type registration not peer.
but i am still not aware of taking the certificates to validate.

To be clear, in case of sip phones that need to register on freepbx using TLS, someone needs to take the certificates in order to upload it to the phone so it would be authenticated.

but in case of SIP trunks of type registration using TLS, lets say we have two freepbx servers and two sip trunks in two directions.

FPBX1 is the first server with sip trunk called TRUNK1 and FPBX2 is the second server with sip trunk called TRUNK2. where both servers are on TLS.

TRUNK1 acts as if it is a sip endpoint for FPBX2, thus i need to define at FPBX2 a pjsip account with same username and password. TRUNK1-that needs to register at FPBX2-needs the client certificates of FPBX2, and then here comes the problem! i dont know where to put these certificates!

what should be done?

david55 · February 15, 2022, 12:36pm

This is being continued from SIP TLS TRUNK between 2 asterisk server - Asterisk Support - Asterisk Community on the Asterisk forum, although some terminology may be FreePBX terminology.

Part of the problem seems to be fixating on the idea that there is a fundamental difference between a client and a server certificate.

samihep123 · February 15, 2022, 12:41pm

yes true this is the same account but on a different forum.

samihep123 · February 15, 2022, 12:43pm

i am trying hard to understand what you are trying to say.
but i am still not getting it!

can you tell me in details, what should be done to achieve what i am asking for? but i dont need to make a machine responsible for CA autority!

i am fine with distributing CAs.

system · March 17, 2022, 12:44pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.