[OpenSIPS-Users] Opensips error
Bogdan-Andrei Iancu
bogdan at opensips.org
Tue May 15 03:40:57 EDT 2018
Hi,
First of all, carefully read the logs you get as they provide *a lot* of
useful hints.
The key log is "SSL3_GET_CLIENT_CERTIFICATE:no certificate returned" -
that means the other party did not presented a SSL ceritificate, while
your TLS setup for that domain do require one (see the
require_certificate option).
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
OpenSIPS Summit 2018
http://www.opensips.org/events/Summit-2018Amsterdam
On 05/14/2018 11:45 PM, Govindaraj, Rajesh wrote:
>
> Hi folks,
>
> Please provide any pointers if you might have.
>
> Thanks,
>
> *From:* Govindaraj, Rajesh
> *Sent:* Friday, May 11, 2018 5:37 PM
> *To:* users at lists.opensips.org
> *Subject:* Opensips error
>
> Hi,
>
> In a production environment, the below error is seen. The TLS
> handshake is fine and messages are being exchanged as seen from pcap
> and when one of the TCP message is read,
>
> 2018-05-11T11:24:05.000-04:00 [local2] [err]
> ffd-alpha-zone1-ccm1.ipc.com /usr/sbin/opensipsInternal[10325]:
> ERROR:core:_tls_read: TLS connection to 10.204.34.62:52094 read failed
>
> 2018-05-11T11:24:05.000-04:00 [local2] [err]
> ffd-alpha-zone1-ccm1.ipc.com /usr/sbin/opensipsInternal[10325]:
> ERROR:core:_tls_read: TLS read error: 1
>
> 2018-05-11T11:24:05.000-04:00 [local2] [err]
> ffd-alpha-zone1-ccm1.ipc.com /usr/sbin/opensipsInternal[10325]:
> ERROR:core:tls_print_errstack: TLS errstack: error:140890B2:SSL
> routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
>
> This error is seen. TLS read error: 1 indicates SSL_ERROR_SSL.
> Checking the pcap for success and failure case, they are no
> abnormalities. It fails for only one user randomly. Today in our test
> it failed twice with the same error when reading a TLS packet. TLS
> session establishment is fine. Any pointers would really help.
>
> Thanks,
>
> *Rajeshkumar Govindaraj*
>
> Software Engineer
> 777 Commerce Drive,
> Fairfield, CT-06825
> *T*+1 201 253 7803 |*M* +1 475 439 9918 |*E* Rajesh.Govindaraj at ipc.com
> <mailto:Rajesh.Govindaraj at ipc.com>
>
> Follow us on twitter: @ipc_Systems_Inc www.ipc.com <http://www.ipc.com/>
>
> cid:image006.jpg at 01D1940F.3E021840
>
>
>
>
> DISCLAIMER: This e-mail may contain information that is confidential,
> privileged or otherwise protected from disclosure. If you are not an
> intended recipient of this e-mail, do not duplicate or redistribute it
> by any means. Please delete it and any attachments and notify the
> sender that you have received it in error. Unintended recipients are
> prohibited from taking action on the basis of information in this
> e-mail. E-mail messages may contain computer viruses or other defects,
> may not be accurately replicated on other systems, or may be
> intercepted, deleted or interfered with without the knowledge of the
> sender or the intended recipient. If you are not comfortable with the
> risks associated with e-mail messages, you may decide not to use
> e-mail to communicate with IPC. IPC reserves the right, to the extent
> and under circumstances permitted by applicable law, to retain,
> monitor and intercept e-mail messages to and from its systems.
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20180515/58890148/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 5325 bytes
Desc: not available
URL: <http://lists.opensips.org/pipermail/users/attachments/20180515/58890148/attachment-0001.jpg>
More information about the Users
mailing list