Summary:ASTERISK-17256: Ability to specify path to self signed SSL cert CA
Reporter:SplatNIX (uxbod)Labels:
Date Opened:2011-01-17 05:04:49.000-0600Date Closed:2011-01-17 09:02:40.000-0600
Versions:Frequency of
Description:When a HTTPS URL points to a server with a self signed cert one receives the following error message:

[Jan 17 09:23:35] WARNING[27663]: res_calendar_icalendar.c:146 fetch_icalendar: Unable to retrieve iCalendar 'testcal' from 'https://office.test.net/home/teamshare@test.net/Calendar/': Server certificate verification failed: issuer is not trusted

I believe that if an additional option was added to calendar.conf eg:

type = ical
url =    ; URL to shared calendar (Zimbra example)
user =   ; web username
secret = ; web password
cert   = ; path to cert CA

the CA could then be loaded using:

void ne_ssl_trust_cert (ne_session *session, const ne_ssl_certificate *cert);

as in example code from http://linux.die.net/man/3/ne_ssl_trust_default_ca

Comments:By: Leif Madsen (lmadsen) 2011-01-17 09:02:40.000-0600

While I agree this would be a great feature, we can't track feature requests on the issue tracker without submitted code. Please bring this up as a discussion point on the #asterisk-dev mailing list.