[OpenSIPS-Users] 3.2.0 TLS MGM module does not load 3.1.0 domain configuration

Adrian Georgescu ag at ag-projects.com
Thu Aug 12 17:12:31 EST 2021


Hi,

I am using the latest 3.2.0 build with the old TLS configuration, with the aim to try out Wolf SSL stack.

But while the config check passed, the server does not start with the old configuration:

loadmodule “tls_mgm.so"
loadmodule “tls_wolfssl.so"
modparam("tls_mgm", "client_tls_domain_avp", "tls_client_domain")
modparam("tls_mgm", "tls_library", "auto”)

modparam("tls_mgm", "server_domain",    "ag-projects-server")
modparam("tls_mgm", "match_ip_address", "[ag-projects-server]*")
modparam("tls_mgm", "match_sip_domain", "[ag-projects-server]ag-projects.com")
modparam("tls_mgm", "tls_method",       "[ag-projects-server]TLSv1-")
modparam("tls_mgm", "certificate",      "[ag-projects-server]/etc/opensips/tls/ag-projects.crt")
modparam("tls_mgm", "private_key",      "[ag-projects-server]/etc/opensips/tls/ag-projects.key")
modparam("tls_mgm", "ca_list",          "[ag-projects-server]/etc/opensips/tls/ca-list.pem")
modparam("tls_mgm", "ca_dir",           "[ag-projects-server]/etc/ssl/certs")
modparam("tls_mgm", "verify_cert",      "[ag-projects-server]1")
modparam("tls_mgm", "require_cert",     "[ag-projects-server]0")

modparam("tls_mgm", "client_domain",    "ag-projects-client")
modparam("tls_mgm", "match_ip_address", "[ag-projects-client]*")
modparam("tls_mgm", "match_sip_domain", "[ag-projects-client]ag-projects.com")
modparam("tls_mgm", "tls_method",       "[ag-projects-client]TLSv1-")
modparam("tls_mgm", "certificate",      "[ag-projects-client]/etc/opensips/tls/ag-projects.crt")
modparam("tls_mgm", "private_key",      "[ag-projects-client]/etc/opensips/tls/ag-projects.key")
modparam("tls_mgm", "ca_list",          "[ag-projects-client]/etc/opensips/tls/ca-list.pem")
modparam("tls_mgm", "ca_dir",           "[ag-projects-client]/etc/ssl/certs")
modparam("tls_mgm", "verify_cert",      "[ag-projects-client]1")
modparam("tls_mgm", "require_cert",     "[ag-projects-client]0”)


Aug 12 18:51:14 live01 opensips[6455]: Aug 12 18:51:14 [6455] DBG:core:set_mod_param_regex: tls_mgm matches module tls_mgm
Aug 12 18:51:14 live01 opensips[6455]: Aug 12 18:51:14 [6455] DBG:core:set_mod_param_regex: found <require_cert> in module tls_mgm [/usr/lib/x86_64-linux-gnu/opensips/modules/]
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:core:solve_module_dependencies: solving dependency tls_mgm -> module tls_wolfssl
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:core:solve_module_dependencies: solving dependency tls_mgm -> module tls_openssl
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:core:solve_module_dependencies: module tls_mgm soft-depends on module tls_openssl, and it was not loaded -- continuing
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:core:solve_module_dependencies: solving dependency proto_tls -> module tls_mgm
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:core:init_mod: initializing module tls_mgm
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] INFO:tls_mgm:mod_init: initializing TLS management
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:tls_mgm:load_info: 0 rows found in tls_mgm
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:tls_mgm:load_info: 0 records found in tls_mgm
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] INFO:tls_mgm:init_tls_dom: Processing TLS domain 'ag-projects-server'
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:tls_mgm:init_tls_dom: no DH params file for tls domain 'ag-projects-server' defined, using default '(null)'
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] DBG:tls_mgm:init_tls_dom: cipher list null ... setting default
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'ag-projects-server'
Aug 12 18:51:15 live01 opensips[6455]: Aug 12 18:51:15 [6455] ERROR:core:init_mod: failed to initialize module tls_mgm

Any ideas what am I doing wrong?

Adrian





More information about the Users mailing list