Test 2 is on this URL. Please notice the port number!
- At this point, you need the TLS-o-matic certificate in your CA list on the system you are testing from.
- FAIL: This test should fail due to a bad host name in the certificate
When accessing a TLS server, the client has some form of address it wants to reach. In this case, it’s “test2.tls-o-matic.com“. This exact address needs to be in the certificate in order for the client to verify that it is indeed accessing the server it was looking for.
Remember that the certificate is a trusted certificate (if you trust our CA). It’s not just valid for this server.
Each protocol has it’s own rules on what to look for when validating a certificate to a request. In SIP, it’s the domain part of the request URI.