Does Zoiper have problems with RapidSSL or wildcard certificates?

0 votes

Hi Zoipers,


I have a problem with TLS negotiation in two Zoiper versions (Zoiper 3.2.21357 64bit for Linux and Zoiper 3.6.1. for iPhone). In both versions I got "Certificate Validation Failure" for domain sip.viptel.sk.


Their certificate is signed by RapisSSL and apparently they have a wildcard certificate *.viptel.sk.

Do you have problems with their Certifice Authority or it is a problem with a wildcard certificate? Or anything else :)


Kind regards

Efelin

in Linux by (150 points)

2 Answers

0 votes
Best answer

Hello,

Wildcard certificates are explicitly forbidden for sip. I don't know why.
We are considering to ignore that part of the rfc.


by (11.5k points)
selected by

Hi Joachim,


thanks for a prompt reply. Can you point me to the mentioned specification/RFC?


Kind regards


Efelin

by (150 points)

I think it's in this one. (quick google search so could be wrong).

https://tools.ietf.org/html/rfc5922



by (11.5k points)
0 votes
I had a similar issue before. It’s not really a problem with the wildcard SSL itself *.viptel.sk should be fine for sip.viptel.sk. The error usually happens if the SIP client (like Zoiper) doesn’t have the full CA chain or doesn’t trust RapidSSL by default. Try installing the RapidSSL intermediate certificate on the server side, or update the trusted CA store on your device. Once the chain is complete, Zoiper should validate the wildcard certificate without errors. As, for RapidSSL Wildcard, you can check out at:- https://certera.com/ssl/rapidssl/rapidssl-wildcard-certificate.
by (140 points)
Welcome!
Ask your questions and receive answers from other members of the Zoiper Community.

Did you check our Help Section?

You are a Zoiper Biz or Premium customer? If so, click HERE to get premium support.

Categories

2,488 questions
1,565 answers
2,330 comments
156,378 users