Bug 95 - TLS: warn or refuse to run with wildcard certificates
Status: NEW
Alias: None
Product: resiprocate
Classification: Unclassified
Component: stack (libresip)
Version: unspecified
Hardware: All All
Importance: P1 minor
Assignee: Owner of all unassigned bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-11 15:47 CDT by Daniel Pocock
Modified: 2015-09-18 05:30 CDT

Description Daniel Pocock 2015-08-11 15:47:04 CDT
RFC 5922 prohibits wildcard certificates

Maybe they can be supported with a hack (like the hack for using email certificates as if they are SIP client certificates) but if the hack is not enabled, it should warn about them or refuse to use them as a local certificate.
Comment 1 Daniel Pocock 2015-09-18 05:30:50 CDT
The BaseSecurity class already includes a variable mAllowWildcardCertificates that may be useful for this.