Hi All,
Im a newbie to openssl. Im basically trying to establish a secure VOIP call between two end points in a private network.

I have made the following setup.
First created the pem files in the following way:
1. Created rootCA
openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 3650 -config ./openssl.cnf

2.creating CSR with common name as ip addr (i.e is replaced by 54> in following command)
openssl req -new -nodes -out req.pem -config ./openssl.cnf -keyout key.pem

req54.pem -- csr key54.pem -- private key

3. Getting req54.pem signed from CA
openssl ca –extensions v3_req -out cert54.pem -config ./openssl.cnf -infiles req54.pem

I have now made the three files namely cacert.pem, key54.pem and cert54.pem available for both the phones. Each phone can initiate a TLS client trans. or a TLS server trans. appropriately

When the call is made, the calling party initiates a TLS client trans. which the called party takes up the TLS server transac.
I have observed the following packet flow:
Client Hello ---------->
<----------Server hello
<----------Certificate, server hello done
Fatal Alert ( 42)--------->
Bad certificate.

Im totally clueless on what went wrong in the creation of the files. Or is it like, im not sharing the appropriate files to support client and server transactions.
Any help would be greatly appreciated..

Regards,
Atluri.