[OpenSIPS-Users] Could not enable crypto
Adrian Georgescu
ag at ag-projects.com
Mon Nov 14 18:19:27 CET 2011
The only reason I can imagine is that you have not installed a PHP related package for TLS or Encryption in the Apache version.
I would check if I were you, the list of packages that I have installed for the CLI version of PHP and the Apache version of PHP, the difference could give me a clue about what am I missing o is different from the Apache version.
Adrian
On Nov 14, 2011, at 1:15 PM, samuel wrote:
> Hi folks,
>
> I've got the following scenario:
> CDRTool (8.2.2) installed from sources is trying to communicate to a media-proxy dispatcher (2.5.2) installed from ag-projects repository.
> The problem I'm facing is that from the CDRTool web interface, when I try to check the real-time usage in the section Sessions, the following error appear:
> (...)
> Error connecting to tcp://W.X.Y.Z:25061: (Could not enable crypto)
> (...)
>
> The logs at the dispatcher server is the next one:
> (...)
> debug: Connection to Management interface client lost: A TLS packet with unexpected length was received.
> (...)
>
> The "funny" thing is that if I use the following PHP script from the CLI, using the same cert as the installation process describes, I'm able to get the sessions:
>
> #!/usr/bin/php -q
>
> <?php
> $host ='W.X.Y.Z';
> $port = 25061;
> $timeout = 10;
> $cert = './mediaproxy.W.X.Y.Z.pem';
> $context = stream_context_create(array('ssl'=>array('local_cert'=> $cert,)));
> $fp = stream_socket_client('tcp://'.$host.':'.$port, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
> if (!$fp) {
> echo "ERROR: $errno - $errstr\n";
> } else {
> if (stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_SSLv3_CLIENT)) {
> fputs($fp, "sessions\r\n");
> echo fread($fp,8192);
> fclose($fp);
> } else {
> echo "ERROR: could not enable crypto\n";
> }
> }
>
> ?>
>
> I've got the feeling there's some "stupid" thing either in apache2 or in cdrtool configuration that does not let use TLS to the socket and it stays in "TCP-mode". Can anyone provide any shed on this issue?
>
> Thank you very much in advance,
> Samuel
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list