[OpenSIPS-Users] ERROR:core:tls_accept: New TLS connection from IP failed to accept: rejected by client
Nabeel
nabeelshikder at gmail.com
Sun Jul 5 09:36:55 CEST 2015
This error was resolved by setting 'tls_require_client_certificate = 0'.
My SIP client does not send any client certificate, so this option must be
disabled.
However, it means that the error in the OpenSIPS log is misleading and
opposite to what it should say. It is not true that the connection
was "rejected
by client" in this case; it is more true that the connection was rejected
by OpenSIPS because the client did not provide a client certificate when
OpenSIPS was expecting one.
On 4 July 2015 at 05:51, Nabeel <nabeelshikder at gmail.com> wrote:
> Hi,
>
> I get the following error when attempting to connect my SIP client to
> OpenSIPS. I understand that OpenSIPS has accepted the connection
> but then the client rejects the certificate sent by OpenSIPS. However, the
> CA root certificate (from CAcert.org) is included in the client's trust
> store, so I do not know why the client is rejecting the certificate. This
> SIP client does accept certificates from CAcert.org when connecting to
> another server (not openSIPS).
>
>
> ERROR:core:tls_accept: New TLS connection from 188.29.164.125:18084
> failed to accept: rejected by client
>
>
> Just to clarify, the certificate being sent by OpenSIPS is the
> 'tls_certificate' value from openSIPs config file, right?
>
> What other steps can I take to investigate this error?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150705/c3ca78bd/attachment.htm>
More information about the Users
mailing list