[OpenSIPS-Users] Opensips + TLS Error

Liviu Chircu liviu at opensips.org
Tue Nov 18 11:04:59 CET 2014 

Hello Venkatesh,

Linphone is very picky when it comes to TLS certificates - in your case, 
it rejects the certificate presented by the server.You have two ways of 
fixing your problem:

- use a certificate generated by a trusted CA for the "tls_certificate" 
parameter of your OpenSIPS script (maybe Linphone will accept it)
- make your Linphone skip server certificate verification. Put this in 
your ".linphonerc" file:

[sip]
verify_server_certs=0

Best regards,

Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com

On 18.11.2014 08:47, Venkatesh Macha wrote:
> Hi list,
>       
>         I am trying to Implement opensips with TLS Support. I followed  this
> <https://github.com/antonraharja/book-opensips-101/blob/master/content/3.2.%20SIP%20TLS%20Secure%20Calling.mediawiki>
> tutorial.  I am able compile and install the Opensips.every hting is fine.
>
> but when i try to connect with opensips using linphone client.. i am getting
> Following Erorrs.
>
> *ERROR:core:tls_accept: New TLS connection from 192.168.1.167:42696 failed
> to accept
> /usr/sbin/opensips[23793]: ERROR:core:tls_accept: TLS error: (ret=-1, err=5,
> errno=104/Connection reset by peer):*
>
> here is the parameter i added Opensips.cfg files
>
> disable_tls = no
> listen = tls:192.168.1.100:5061
> tls_verify_server = 1
> tls_verify_client = 1
> tls_require_client_certificate = 0
> #tls_method = TLSv1
> tls_method = SSLv23
> tls_certificate = "/usr/etc/opensips/tls/server/server-cert.pem"
> tls_private_key = "/usr/etc/opensips/tls/server/server-privkey.pem"
> tls_ca_list = "/usr/etc/opensips/tls/server/server-calist.pem"
>
> #--- TLS Specific Parameters End's Here--------------
>
> I can see few packets are transmitting through 5061 port. and all packets
> are Encrypted.
>
> What is that error, Is it problem with that linphone client. or Opensips
> server??
>
> Thank you in Advance.
>
> Venkatesh Macha,
> Junior VOIP Engineer.
>
>
>
> --
> View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/Opensips-TLS-Error-tp7594479.html
> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

More information about the Users mailing list