[OpenSIPS-Users] wss and tls
Bogdan-Andrei Iancu
bogdan at opensips.org
Tue Jan 3 18:57:02 UTC 2023
Hi,
Check with tcpdump to see what happens at TCP layer - it may be the
client closing the conn while opensips is performing the accept.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
https://www.opensips-solutions.com
OpenSIPS Bootcamp 5-16 Dec 2022, online
https://www.opensips.org/training/OpenSIPS_eBootcamp_2022/
On 12/15/22 6:35 PM, nutxase via Users wrote:
> Hi All
>
> I am trying to get tls working with my letsencrypt cert but i keep
> getting this error
>
> ERROR:tls_openssl:openssl_tls_accept: SSL_ERROR_SYSCALL err=Success(0)
> ERROR:tls_openssl:openssl_tls_accept: New TLS connection from
> xxxx:47817 failed to accept
> Dec 15 16:32:54 [localhost] /usr/sbin/opensips[4373]:
> ERROR:proto_wss:wss_read_req: cannot fix read connection
>
> my config is as follows
> loadmodule "tls_openssl.so"
>
> modparam("tls_mgm", "server_domain", "sip")
> modparam("tls_mgm", "ca_list", "[sip]/etc/letsencrypt/fullchain.pem")
> modparam("tls_mgm", "certificate", "[sip]/etc/opensips/tls/cert.pem")
> modparam("tls_mgm", "private_key", "[sip]/etc/opensips/tls/ckey.pem")
> modparam("tls_mgm", "require_cert", "[sip]0")
> modparam("tls_mgm", "tls_method", "[sip]TLSv1")
> modparam("tls_mgm", "verify_cert", "[sip]0")
> modparam("tls_mgm", "match_sip_domain", "[sip]*")
> modparam("tls_mgm", "match_ip_address", "[sip]*")
>
> modparam("tls_mgm", "client_domain", "sip1")
> modparam("tls_mgm", "ca_list", "[sip1]/etc/letsencrypt/fullchain.pem")
> modparam("tls_mgm", "certificate", "[sip1]/etc/opensips/tls/cert.pem")
> modparam("tls_mgm", "private_key", "[sip1]/etc/opensips/tls/ckey.pem")
> modparam("tls_mgm", "require_cert", "[sip1]0")
> modparam("tls_mgm", "tls_method", "[sip1]TLSv1")
> modparam("tls_mgm", "verify_cert", "[sip1]0")
> modparam("tls_mgm", "match_sip_domain", "[sip]*")
> modparam("tls_mgm", "match_ip_address", "[sip]*")
>
> loadmodule "proto_wss.so"
> modparam("proto_wss", "require_origin", no)
> loadmodule "proto_ws.so"
> modparam("proto_ws", "require_origin", no)
>
> i have tried wolfssl aswell
> any ideas :(
>
>
> Sent with Proton Mail <https://proton.me/> secure email.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20230103/cd082808/attachment-0001.html>
More information about the Users
mailing list