[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-users] Linphone rejects valid certificate

From: Chris Woods
Subject: Re: [Linphone-users] Linphone rejects valid certificate
Date: Mon, 9 Nov 2020 00:44:55 +0000

On Sun, 8 Nov 2020, 23:38 Robert Dyck, <> wrote:
Version Core 4.4.0-13-gc99cb9c88 Appimage

 The server/proxy is opensips. The certificate that is installed in opensips
works for other user agents. Linphone rejects the certificate. The certificate
was generated by Lets Encrypt.

2020-11-08 15:23:44:071 [AppRun.wrapped/belle-sip] MESSAGE Channel
[0x4c70290]: SSL handshake in progress...
2020-11-08 15:23:44:091 [AppRun.wrapped/belle-sip] MESSAGE Found certificate
depth=[0], flags=[not-trusted ]:
cert. version     : 3
serial number     : 03:3D:58:6A:10:1B:E4:D8:68:7C:2F:14:41:57:D4:C9:D0:8B
issuer name       : C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
subject name      :
issued  on        : 2020-09-25 15:29:57
expires on        : 2020-12-24 15:29:57
signed using      : RSA with SHA-256
RSA key size      : 2048 bits
basic constraints : CA=false
subject alt name  :
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication, TLS Web Client

2020-11-08 15:23:44:091 [AppRun.wrapped/belle-sip] ERROR Channel [0x4c70290]:
SSL handshake failed : X509 - Certificate verification failed, e.g. CRL, CA or
signature check failed

That sounds symptomatic of Linphone either using its own CA bundle, which may be out of date and doesn't include the Let's Encrypt Root CA certs, or the app is not able to query the system CA root bundle to validate your end entity cert.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]