[OpenSIPS-Users] SIP Over TLS using OpenSIPS
David Chedid
dchedid at p-group.cc
Tue Mar 29 08:54:34 CEST 2011
Dears,
Any one can help on this?
Thanks,
BR,
Dears,
I am trying to use OpenSIPS with TLS but didn't work till now :(
I am getting the following error:
Mar 25 14:09:49 [16855] DBG:core:print_ip: tcpconn_new: new tcp connection
to: 192.168.20.19
Mar 25 14:09:49 [16855] DBG:core:tcpconn_new: on port 4034, type 3
Mar 25 14:09:49 [16855] DBG:core:tls_tcpconn_init: entered: Creating a whole
new ssl connection
Mar 25 14:09:49 [16855] DBG:core:tls_tcpconn_init: looking up socket based
TLS server domain [192.168.168.28:5061]
Mar 25 14:09:49 [16855] DBG:core:tls_find_server_domain: virtual TLS server
domain found
Mar 25 14:09:49 [16855] DBG:core:tls_tcpconn_init: found socket based TLS
server domain [192.168.168.28:5061]
Mar 25 14:09:49 [16855] DBG:core:tls_tcpconn_init: Setting in ACCEPT mode
(server)
Mar 25 14:09:49 [16855] DBG:core:tcpconn_add: hashes: 770, 1
Mar 25 14:09:49 [16855] DBG:core:handle_new_connect: new connection:
0xafc4f7c8 25 flags: 0002
Mar 25 14:09:49 [16855] DBG:core:send2child: to tcp child 0 0(16847),
0xafc4f7c8
Mar 25 14:09:49 [16847] DBG:core:handle_io: received n=4 con=0xafc4f7c8,
fd=12
Mar 25 14:09:49 [16847] DBG:core:io_watch_add: io_watch_add(0x81b6ec0, 12,
2, 0xafc4f7c8), fd_no=1
Mar 25 14:09:49 [16847] DBG:core:tls_update_fd: New fd is 12
Mar 25 14:09:49 [16847] DBG:core:tls_update_fd: New fd is 12
Mar 25 14:09:49 [16847] ERROR:core:tls_accept: some error in SSL (ret=0,
err=1, errno=0/Success):
Mar 25 14:09:49 [16847] ERROR:core:tls_print_errstack: error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Mar 25 14:09:49 [16847] DBG:core:io_watch_del: io_watch_del (0x81b6ec0, 12,
-1, 0x10) fd_no=2 called
Mar 25 14:09:49 [16847] DBG:core:release_tcpconn: releasing con 0xafc4f7c8,
state -2, fd=12, id=1
Mar 25 14:09:49 [16847] DBG:core:release_tcpconn: extra_data 0xafc5f8e4
Mar 25 14:09:49 [16855] DBG:core:handle_tcp_child: reader response=
afc4f7c8, -2 from 0
Mar 25 14:09:49 [16855] DBG:core:tcpconn_destroy: destroying connection
0xafc4f7c8, flags 0002
Mar 25 14:09:49 [16855] DBG:core:tls_close: closing SSL connection
Mar 25 14:09:49 [16855] DBG:core:tls_update_fd: New fd is 25
Mar 25 14:09:49 [16855] DBG:core:tls_shutdown: shutdown successful
Mar 25 14:09:49 [16855] DBG:core:tls_tcpconn_clean: entered
Below the configuration file for the debug and TLS Section:
debug=4
fork=yes
log_stderror=yes
check_via=no
dns=no
rev_dns=no
tls_client_domain_avp=0
disable_tls = no
listen = tls:192.168.168.28:5061
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 1
tls_handshake_timeout=30
tls_send_timeout=30
tls_method = TLSv1
tls_ciphers_list="NULL"
tls_certificate = "/usr/local/etc/opensips//tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/opensips//tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/opensips//tls/user/user-calist.pem"
tls_server_domain [192.168.168.28:5061]
{
tls_certificate = "/usr/local/etc/opensips//tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/opensips//tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/opensips/tls//user/user-calist.pem"
tls_method = TLSv1
}
Below you can find also info regarding my OpenSIPS server
version: opensips 1.6.4-2-tls (i386/linux)
flags: STATS: Off, USE_IPV6, USE_TCP, USE_TLS, DISABLE_NAGLE, USE_MCAST,
SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
svnrevision: unknown
@(#) $Id: main.c 7530 2010-12-13 19:07:53Z bogdan_iancu $
main.c compiled on 13:57:04 Jan 31 2011 with gcc 4.2.4
Linux 2.6.24-23-server #1 SMP Thu Nov 27 19:19:15 UTC 2008 i686 GNU/Linux
Ubuntu 8.04.4 LTS \n \l
Inform me if how can I fix this issue, and if you need more info don't
hesitate to contact me.
BR,
More information about the Users
mailing list