[OpenSIPS-Users] TLS_MGM module with DB(MYSQL)

Saurabh Chopra saurabhc at 3clogic.com
Fri May 28 11:56:19 EST 2021 

Hi Opensips Team/ Callum,

Thanks for the response, I successfully inserted the content of my
files(certificate) in mysql DB. But when I try to run the script the
opensips is crashing now with errors.

May 28 11:45:59  /usr/local/sbin/opensips[1268]:
CRITICAL:db_mysql:wrapper_single_mysql_real_query: driver error (1064): You
have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near
'.36.64:443,match_sip_domain,type,method,0,0,certificate,private_key,crl_check_al'
at line 1
May 28 11:45:59  /usr/local/sbin/opensips[1268]: ERROR:core:db_do_query:
error while submitting query - [select
id,xxxx.i3clogic.com,x.x.36.64:443,match_sip_domain,type,method,0,0,certificate,private_key,crl_check_all,crl_dir,ca_list,ca_dir,cipher_list,dh_params,ec_curve
from tls_mgm ]
May 28 11:45:59   /usr/local/sbin/opensips[1268]: ERROR:tls_mgm:load_info:
DB query failed - retrieve valid connections
May 28 11:45:59  /usr/local/sbin/opensips[1268]: ERROR:tls_mgm:load_info:
Unable to load domains info from DB
May 28 11:45:59 /usr/local/sbin/opensips[1268]: ERROR:core:init_mod: failed
to initialize module tls_mgm
May 28 11:45:59  /usr/local/sbin/opensips[1268]: ERROR:core:main: error
while initializing modules

Given these parameters in the config script.

loadmodule "tls_mgm.so"
modparam("tls_mgm", "db_url", "mysql://root:xxxxx@localhost/opensips")
modparam("tls_mgm", "db_table", "tls_mgm")
modparam("tls_mgm", "domain_col", "xxxxxx.i3clogic.com")
modparam("tls_mgm", "match_ip_address_col", "xx.xx36.64:443")
modparam("tls_mgm", "tls_method_col", "method")
modparam("tls_mgm", "verify_cert_col", "0")
modparam("tls_mgm", "require_cert_col", "0")
modparam("tls_mgm", "certificate_col", "certificate")
modparam("tls_mgm", "private_key_col", "private_key")
modparam("tls_mgm", "crl_check_all_col", "crl_check_all")
modparam("tls_mgm", "crl_dir_col", "crl_dir")
modparam("tls_mgm", "ca_list_col", "ca_list")

Kindly help in this matter.

Best Regards
Saurabh Chopra
+918861979979


On Wed, May 26, 2021 at 5:06 PM Callum Guy <callum.guy at x-on.co.uk> wrote:

> You need to insert the certificate contents into the table rather than a
> file, to my understanding - you'd probably want to convert the certs to PEM
> format prior to doing this.
>
>
>
>
>
> On Tue, 25 May 2021 at 14:20, Saurabh Chopra <saurabhc at 3clogic.com> wrote:
>
>> Hi Opensips Team/Razvan,
>>
>> I am using the TLS_MGM module to validate my certificate file through a
>> database (mysql) but getting the below error.
>>
>> May 25 12:41:28 ip-20-0-36-64 /usr/local/sbin/opensips[16297]:
>> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>> May 25 12:41:28 ip-20-0-36-64 /usr/local/sbin/opensips[16297]: *ERROR:tls_mgm:load_certificate_db:
>> Unable to load certificate from buffer*
>> May 25 12:41:28 ip-20-0-36-64 /usr/local/sbin/opensips[16297]:
>> WARNING:tls_mgm:init_tls_domains: Failed to init TLS domain 'default',
>> skipping...
>>
>> The data i have put in DB is depicted below:-
>>
>> insert into tls_mgm
>> (id,domain,match_ip_address,match_sip_domain,type,method,verify_cert,require_cert,certificate,private_key,crl_check_all,crl_dir,ca_list,ca_dir,
>> cipher_list,dh_params,ec_curve) values
>> ('1','default','20.0.xx.xx:443','','1','SSLv23','1','0','xxxx2021.der','xxxx.der','0','','xxxxx2021.der','','ALL','','');
>>
>> *.der* files are the binary file for certificate file, private key file
>> and ca_list .  However the same is working fine through the configuration
>> script.
>>
>> Can anybody confirm what I am doing wrong ?
>>
>>
>> Best Regards
>> Saurabh Chopra
>> +918861979979
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>
>
> *0333 332 0000  |  x-on.co.uk <https://www.x-on.co.uk>  |   **
> <https://www.linkedin.com/company/x-on>   <https://www.facebook.com/XonTel>
>   <https://twitter.com/xonuk> **  |  Coronavirus
> <https://www.x-on.co.uk/service/surgery-connect/coronavirus.htm>**
> |  Practice Index Reviews <https://practiceindex.co.uk/gp/x-on>*
>
> THE ITSPA AWARDS 2020 <http://www.itspa.org.uk/itspa-awards> AND Best
> ITSP - Mid Market, Best Software and Best Vertical Solution are trade marks
> of the Internet Telephony Services Providers' Association, used under
> licence.
>
> *Our new office address: 22 Riduna Park, Melton IP12 1QT.*
>
> X-on is a trading name of Storacall Technology Ltd a limited company
> registered in England and Wales.
> Registered Office : Avaland House, 110 London Road, Apsley, Hemel
> Hempstead, Herts, HP3 9SD. Company Registration No. 2578478.
> The information in this e-mail is confidential and for use by the
> addressee(s) only. If you are not the intended recipient, please notify
> X-on immediately on +44(0)333 332 0000 and delete the
> message from your computer. If you are not a named addressee you must not
> use, disclose, disseminate, distribute, copy, print or reply to this email. Views
> or opinions expressed by an individual
> within this email may not necessarily reflect the views of X-on or its
> associated companies. Although X-on routinely screens for viruses,
> addressees should scan this email and any attachments
> for viruses. X-on makes no representation or warranty as to the absence of
> viruses in this email or any attachments.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20210528/7ab294d0/attachment-0001.html>

More information about the Users mailing list