[OpenSER-Users] UA Cant Connect To TLS

Ali Jawad ali.jawad at splendor.net
Wed Mar 26 14:14:31 CET 2008 

Thanks for your help and interest Bogdan..I know you are busy..I know
that my script is related to the GW forwarding but that is the only
thing related RELAY that I do "With reference to your first replay"

My config is http://pastebin.com/m45551815

-----Original Message-----
From: Bogdan-Andrei Iancu [mailto:bogdan at voice-system.ro] 
Sent: Wednesday, March 26, 2008 3:07 PM
To: Ali Jawad
Cc: users at lists.openser.org
Subject: Re: [OpenSER-Users] UA Cant Connect To TLS

Hi Ali,

but the script you listed doesn't seam to be related to REGISTER 
processing....for a GW forwarding.

Regards,
Bogdan

Ali Jawad wrote:
> Hi Bodgan 
> Thank you for your help
>
> I had the following "now commented" statement in route[1]
>
> route[1] {
>
>     xlog("L_INFO","rewritehostport to VOIP_GW:5060");
> ##      Removed On 1.36 25 03 08
> ##      sethostport("xx.xx.xx.xx:5060");
>
>         if (subst_uri('/(sip:.*);nat=yes/\1/')){
>                 setbflag(6);
>         };
>
>         if (isflagset(5)||isbflagset(6)) {
>                 route(3);
>         }
>
>         if (!t_relay()) {
>                 sl_reply_error();
>         };
>         exit;
> }
>
>
> I commented it out as you can see now I cant login either but I am
> getting these errors 
>
> Forbidden and Unauthorized
>
>
> Another thing I would like to mention is that it worked with non TLS
> clients using the previous setups.
>
> Thx for your help so far.
> -----Original Message-----
> From: Bogdan-Andrei Iancu [mailto:bogdan at voice-system.ro] 
> Sent: Tuesday, March 25, 2008 1:02 PM
> To: Ali Jawad
> Cc: users at lists.openser.org
> Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
>
> Hi Ali,
>
> The REGISTER gets to the server and it is processed by the routing 
> script - your script tries to relay the request to another
destination:
> Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
>
> I would say the problem is on the cfg script and not in TLS part.
>
> Regards,
> Bogdan
>
> Ali Jawad wrote:
>   
>> Hi All
>>
>> My UA cant connect to tls on my openser server, as per logs
everything
>>     
>
>   
>> seems fine ..I don't know why it disconnects in the end ..the log is 
>> http://java.pastebin.ca/948774
>>
>> My TLS settings are
>>
>> /* uncomment the following lines to enable TLS support (default off)
>>     
> */
>   
>> #disable_tls = yes
>>
>> disable_tls = no
>>
>> listen = tls:xx.xx.x.xx.x
>>
>> tls_verify_server = 1
>>
>> tls_verify_client = 1
>>
>> tls_require_client_certificate = 0
>>
>> tls_method = TLSv1
>>
>> #tls_certificate = "/usr/local/eyeball/license/cert.pem"
>>
>> #tls_private_key = "/usr/local/eyeball/license/privkey.pem"
>>
>> #tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
>>
>> tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
>>
>> tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
>>
>> tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
>>
>> #port=5060
>>
>> /* uncomment and configure the following line if you want openser to
>>
>> bind on a specific interface/port/proto (default bind on all
>>     
> available) */
>   
>> listen=udp:87.236.144.13:5060
>>
>> #listen=tcp:87.236.144.12:5060
>>
>> sip_warning=yes
>>
>>
>>     
>
------------------------------------------------------------------------
>   
>> _______________________________________________
>> Users mailing list
>> Users at lists.openser.org
>> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>>   
>>     
>
>
>   


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Users mailing list