[OpenSIPS-Users] Could not enable crypto
samuel
samu60 at gmail.com
Mon Nov 14 13:15:17 CET 2011
Hi folks,
I've got the following scenario:
CDRTool (8.2.2) installed from sources is trying to communicate to a
media-proxy dispatcher (2.5.2) installed from ag-projects repository.
The problem I'm facing is that from the CDRTool web interface, when I try
to check the real-time usage in the section Sessions, the following error
appear:
(...)
Error connecting to tcp://W.X.Y.Z:25061: (Could not enable crypto)
(...)
The logs at the dispatcher server is the next one:
(...)
debug: Connection to Management interface client lost: A TLS packet with
unexpected length was received.
(...)
The "funny" thing is that if I use the following PHP script from the CLI,
using the same cert as the installation process describes, I'm able to get
the sessions:
#!/usr/bin/php -q
<?php
$host ='W.X.Y.Z';
$port = 25061;
$timeout = 10;
$cert = './mediaproxy.W.X.Y.Z.pem';
$context = stream_context_create(array('ssl'=>array('local_cert'=>
$cert,)));
$fp = stream_socket_client('tcp://'.$host.':'.$port, $errno, $errstr, 30,
STREAM_CLIENT_CONNECT, $context);
if (!$fp) {
echo "ERROR: $errno - $errstr\n";
} else {
if (stream_socket_enable_crypto($fp, true,
STREAM_CRYPTO_METHOD_SSLv3_CLIENT)) {
fputs($fp, "sessions\r\n");
echo fread($fp,8192);
fclose($fp);
} else {
echo "ERROR: could not enable crypto\n";
}
}
?>
I've got the feeling there's some "stupid" thing either in apache2 or in
cdrtool configuration that does not let use TLS to the socket and it stays
in "TCP-mode". Can anyone provide any shed on this issue?
Thank you very much in advance,
Samuel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20111114/a0ea443d/attachment.htm>
More information about the Users
mailing list