[OpenSIPS-Users] multi domain TLS in opensips 3.1

xaled at web.de xaled at web.de
Sat Jul 4 20:37:42 EST 2020 

Hi,

I'm trying to get multi domain TLS with MS Teams going and kind of stuck at the beginning. 
According to MS Teams interconnect tutorial tls_handshake_timeout shall be set to 300. Setting this parameter independent from TLS domain gives an error that parameter is not found.

#modparam("tls_mgm", "tls_handshake_timeout", "300")

# generic TLS server domain, if the client does not provide SNI
modparam("tls_mgm", "server_domain", "test")
modparam("tls_mgm", "match_ip_address", "[test]*")
modparam("tls_mgm", "match_sip_domain", "[test]none")
modparam("tls_mgm", "certificate", "[test]/etc/ssl/private/test.crt")
modparam("tls_mgm", "private_key", "[test]/etc/ssl/private/test.key")
modparam("tls_mgm", "ca_list", "[test]/etc/ssl/private/test-ca.pem")
modparam("tls_mgm", "tls_method", "[test]TLSv1-")
modparam("tls_mgm", "verify_cert", "[test]0")
modparam("tls_mgm", "require_cert", "[test]0")


# MS Teams TLS config
modparam("tls_mgm", "server_domain", "test_dom")
modparam("tls_mgm", "match_ip_address", "[test_dom]*")
modparam("tls_mgm", "match_sip_domain", "[test_dom]sip4teams.test.com")
#modparam("tls_mgm", "tls_handshake_timeout", [test_dom]300)
modparam("tls_mgm", "certificate", "[test_dom]/etc/ssl/private/test.crt")
modparam("tls_mgm", "private_key", "[test_dom]/etc/ssl/private/test.key")
modparam("tls_mgm", "ca_list", "[test_dom]/etc/ssl/private/test-ca.pem")
modparam("tls_mgm", "tls_method", "[test_dom]TLSv1_2")
modparam("tls_mgm", "verify_cert", "[test_dom]1")
modparam("tls_mgm", "require_cert", "[test_dom]1")

Jul  4 22:17:34 sip4teams opensips: INFO:tls_mgm:mod_load: openssl version: OpenSSL 1.1.1d  10 Sep 2019
Jul  4 22:17:34 sip4teams opensips: ERROR:core:set_mod_param_regex: parameter <tls_handshake_timeout> not found in module <tls_mgm>
Jul  4 22:17:34 sip4teams opensips: Traceback (last included file at the bottom):
Jul  4 22:17:34 sip4teams opensips:  0. /etc/opensips/opensips.cfg
Jul  4 22:17:34 sip4teams opensips: CRITICAL:core:yyerror: parse error in /etc/opensips/opensips.cfg:61:21-22: Parameter <tls_handsha
ke_timeout> not found in module <tls_mgm> - can't set
Jul  4 22:17:34 sip4teams opensips: #set global tls parameters
Jul  4 22:17:34 sip4teams opensips:
Jul  4 22:17:34 sip4teams opensips: modparam("tls_mgm", "tls_handshake_timeout", 300)
Jul  4 22:17:34 sip4teams opensips: ^~
Jul  4 22:17:34 sip4teams opensips:

More information about the Users mailing list