subject:"\[OpenSIPS\-Users\] Teams TLS Error"

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-17 Thread Vlad Patrascu


I guess this error, which is indeed not worded very well, threw you off:

ERROR:tls_mgm:tlsp_set_certificate: TLS domain [my.domain.com 
] not defined in '[my.domain.com 
]/usr/local/etc/opensips/tls/my_domain_com.pem'


What it actually means is that the TLS domain "my.domain.com" (the 
tls_mgm module's record/structure, ) is not defined. Refer to this [1] 
section in docs for a better explanation on the the concept of "TLS 
domains" in tls_mgm. The term "TLS domain" might be a little loose and 
generate confusion sometimes.


So what you should do is add this in your config:

modparam("tls_mgm", "server_domain", "my.domain.com")

By the way, you can use any arbitrary identifier for the domain part in 
the tls_mgm parameters, eg. :


modparam("tls_mgm", "server_domain", "mydom")

modparam("tls_mgm","certificate", 
"[mydom]/usr/local/etc/opensips/tls/myCert.pem")


...

[1] https://opensips.org/docs/modules/3.1.x/tls_mgm.html#idp2972192

Regards,

--
Vlad Patrascu
OpenSIPS Developer
http://www.opensips-solutions.com

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-17 Thread Mark Farmer

 service for multiple  219domains, e.g. atlanta.com 
>> and biloxi.com. Altough both domains  220will be hosted on a single SIP 
>> proxy, the SIP proxy needs 2  221certificates: One for atlanta.com and 
>> one for biloxi.com. For  222incoming TLS connections
>>
>> If you need one cert per domain, maybe it implies that you need to have the 
>> domain as the CN instead of a SAN?
>>
>>  Kevin
>>
>> *From:* farm...@gmail.com
>> *Sent:* November 13, 2020 10:43 a.m.
>> *To:* users@lists.opensips.org
>> *Reply to:* users@lists.opensips.org
>> *Subject:* Re: [OpenSIPS-Users] Teams TLS Error
>>
>> OK so now I have this:
>>
>> modparam("tls_mgm","certificate", "[my.domain.name
>> ]/usr/local/etc/opensips/tls/myCert.pem")
>> modparam("tls_mgm","private_key", "[my.domain.name
>> ]/usr/local/etc/opensips/tls/myKey.key")
>> modparam("tls_mgm","ca_dir", "/etc/ssl/certs")
>> modparam("tls_mgm","verify_cert", "[my.domain.name]1")
>> modparam("tls_mgm","require_cert", "[my.domain.name]1")
>> modparam("tls_mgm","tls_method", "[my.domain.name]TLSv1_2")
>> modparam("tls_mgm", "match_sip_domain", "my.domain.name")
>>
>> But now it claims that my.domain.name is not defined in myCert.pem
>> I know it is - it is in a SAN within the certificate.
>>
>> Any suggestions?
>> Many thanks
>> Mark.
>>
>>
>> On Fri, 13 Nov 2020 at 15:12, Kevin Vines  wrote:
>>
>>> Hi Mark,
>>>
>>> Based on some googling it looks like you need to specify the domain eg:
>>>
>>> modparam("tls_mgm","verify_cert", "[domain.com]1")
>>>
>>> https://fossies.org/linux/opensips/modules/tls_mgm/README
>>>
>>> Kevin
>>> *From:* farm...@gmail.com
>>> *Sent:* November 13, 2020 9:49 a.m.
>>> *To:* users@lists.opensips.org
>>> *Reply to:* users@lists.opensips.org
>>> *Subject:* [OpenSIPS-Users] Teams TLS Error
>>>
>>> Hi everyone
>>>
>>> OpenSIPS 3.1.0
>>>
>>> I am following the OpenSIPS as Teams SBC guide and have added the TLS
>>> config:
>>>
>>> modparam("tls_mgm","verify_cert", "1")
>>> modparam("tls_mgm","require_cert", "1")
>>> modparam("tls_mgm","tls_method", "TLSv1_2")
>>> modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/
>>> myCert.pem")
>>> modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key
>>> ")
>>> modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")
>>>
>>> But I am seeing a TLS domain error:
>>>
>>> Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain
>>> name
>>> Nov 13 14:36:50 [175314] Traceback (last included file at the bottom):
>>> Nov 13 14:36:50 [175314]  0. /usr/local//etc/opensips/opensips.cfg
>>> Nov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in
>>> /usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter
>>>  not found in module  - can't set
>>> Nov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1")
>>> Nov 13 14:36:50 [175314]
>>> Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")
>>> Nov 13 14:36:50 [175314] ^~
>>> Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1")
>>> Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2")
>>> Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches
>>> module tls_mgm
>>> Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found
>>>  in module tls_mgm [/usr/local/lib64/opensips/modules/]
>>> Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain
>>> name
>>>
>>> Can anyone tell me what I might be missing please?
>>>
>>> Many thanks
>>> Mark.
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>
>>
>> --
>> Mark Farmer
>> farm...@gmail.com
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>
>
> --
> Mark Farmer
> farm...@gmail.com
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-16 Thread Vlad Patrascu


Hi Mark,

Can you post the actual errors that you get in the OpenSIPS logs, if 
that is the case?


Regards,

--
Vlad Patrascu
OpenSIPS Developer
http://www.opensips-solutions.com

On 16.11.2020 11:04, Mark Farmer wrote:

Good morning all

Can anyone clarify whether the TLS domain in SAN is supported or not 
please?


Many thanks
Mark.


On Fri, 13 Nov 2020 at 15:59, Kevin Vines <mailto:kevin.vi...@gmail.com>> wrote:


You got me there... the doc states

OpenSIPS offers SIP service for multiple
219 domains, e.g.atlanta.com  <http://atlanta.com>  andbiloxi.com  
<http://biloxi.com>. Altough both domains
220 will be hosted on a single SIP proxy, the SIP proxy needs 2
221 certificates: One foratlanta.com  <http://atlanta.com>  and one 
forbiloxi.com  <http://biloxi.com>. For
222 incoming TLS connections

If you need one cert per domain, maybe it implies that you need to
have the domain as the CN instead of a SAN?

Kevin

*From:* farm...@gmail.com <mailto:farm...@gmail.com>
*Sent:* November 13, 2020 10:43 a.m.
*To:* users@lists.opensips.org <mailto:users@lists.opensips.org>
*Reply to:* users@lists.opensips.org <mailto:users@lists.opensips.org>
*Subject:* Re: [OpenSIPS-Users] Teams TLS Error


OK so now I have this:

modparam("tls_mgm","certificate", "[my.domain.name
<http://my.domain.name>]/usr/local/etc/opensips/tls/myCert.pem
<http://myCert.pem>")
modparam("tls_mgm","private_key", "[my.domain.name
<http://my.domain.name>]/usr/local/etc/opensips/tls/myKey.key
<http://myKey.key>")
modparam("tls_mgm","ca_dir", "/etc/ssl/certs")
modparam("tls_mgm","verify_cert", "[my.domain.name
<http://my.domain.name>]1")
modparam("tls_mgm","require_cert", "[my.domain.name
<http://my.domain.name>]1")
modparam("tls_mgm","tls_method", "[my.domain.name
<http://my.domain.name>]TLSv1_2")
modparam("tls_mgm", "match_sip_domain", "my.domain.name
<http://my.domain.name>")

But now it claims that my.domain.name <http://my.domain.name> is
not defined in myCert.pem <http://myCert.pem>
I know it is - it is in a SAN within the certificate.

Any suggestions?
Many thanks
Mark.


On Fri, 13 Nov 2020 at 15:12, Kevin Vines mailto:kevin.vi...@gmail.com>> wrote:

Hi Mark,

Based on some googling it looks like you need to specify the
domain eg:

modparam("tls_mgm","verify_cert", "[domain.com
<http://domain.com>]1")

https://fossies.org/linux/opensips/modules/tls_mgm/README

Kevin

*From:* farm...@gmail.com <mailto:farm...@gmail.com>
*Sent:* November 13, 2020 9:49 a.m.
*To:* users@lists.opensips.org <mailto:users@lists.opensips.org>
*Reply to:* users@lists.opensips.org
<mailto:users@lists.opensips.org>
*Subject:* [OpenSIPS-Users] Teams TLS Error


Hi everyone

OpenSIPS 3.1.0

I am following the OpenSIPS as Teams SBC guide and have added
the TLS config:

modparam("tls_mgm","verify_cert", "1")
modparam("tls_mgm","require_cert", "1")
modparam("tls_mgm","tls_method", "TLSv1_2")
modparam("tls_mgm","certificate",
"/usr/local/etc/opensips/tls/myCert.pem <http://myCert.pem>")
modparam("tls_mgm","private_key",
"/usr/local/etc/opensips/tls/myKey.key <http://myKey.key>")
modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")

But I am seeing a TLS domain error:

Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS
domain name
Nov 13 14:36:50 [175314] Traceback (last included file at the
bottom):
Nov 13 14:36:50 [175314]  0.
/usr/local//etc/opensips/opensips.cfg <http://opensips.cfg>
Nov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in
/usr/local//etc/opensips/opensips.cfg:191
<http://opensips.cfg:191>:19-20: Parameter  not
found in module  - can't set
Nov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert",
"[dom4]1")
Nov 13 14:36:50 [175314]
Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")
Nov 13 14:36:50 [175314] ^~
Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", &qu

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-16 Thread Mark Farmer

Good morning all

Can anyone clarify whether the TLS domain in SAN is supported or not please?

Many thanks
Mark.


On Fri, 13 Nov 2020 at 15:59, Kevin Vines  wrote:

> You got me there... the doc states
>
> OpenSIPS offers SIP service for multiple  219domains, e.g. atlanta.com 
> and biloxi.com. Altough both domains  220will be hosted on a single SIP 
> proxy, the SIP proxy needs 2  221certificates: One for atlanta.com and 
> one for biloxi.com. For  222incoming TLS connections
>
>
> If you need one cert per domain, maybe it implies that you need to have the 
> domain as the CN instead of a SAN?
>
>
> Kevin
>
> *From:* farm...@gmail.com
> *Sent:* November 13, 2020 10:43 a.m.
> *To:* users@lists.opensips.org
> *Reply to:* users@lists.opensips.org
> *Subject:* Re: [OpenSIPS-Users] Teams TLS Error
>
> OK so now I have this:
>
> modparam("tls_mgm","certificate", "[my.domain.name
> ]/usr/local/etc/opensips/tls/myCert.pem")
> modparam("tls_mgm","private_key", "[my.domain.name
> ]/usr/local/etc/opensips/tls/myKey.key")
> modparam("tls_mgm","ca_dir", "/etc/ssl/certs")
> modparam("tls_mgm","verify_cert", "[my.domain.name]1")
> modparam("tls_mgm","require_cert", "[my.domain.name]1")
> modparam("tls_mgm","tls_method", "[my.domain.name]TLSv1_2")
> modparam("tls_mgm", "match_sip_domain", "my.domain.name")
>
> But now it claims that my.domain.name is not defined in myCert.pem
> I know it is - it is in a SAN within the certificate.
>
> Any suggestions?
> Many thanks
> Mark.
>
>
> On Fri, 13 Nov 2020 at 15:12, Kevin Vines  wrote:
>
>> Hi Mark,
>>
>> Based on some googling it looks like you need to specify the domain eg:
>>
>> modparam("tls_mgm","verify_cert", "[domain.com]1")
>>
>> https://fossies.org/linux/opensips/modules/tls_mgm/README
>>
>> Kevin
>> *From:* farm...@gmail.com
>> *Sent:* November 13, 2020 9:49 a.m.
>> *To:* users@lists.opensips.org
>> *Reply to:* users@lists.opensips.org
>> *Subject:* [OpenSIPS-Users] Teams TLS Error
>>
>> Hi everyone
>>
>> OpenSIPS 3.1.0
>>
>> I am following the OpenSIPS as Teams SBC guide and have added the TLS
>> config:
>>
>> modparam("tls_mgm","verify_cert", "1")
>> modparam("tls_mgm","require_cert", "1")
>> modparam("tls_mgm","tls_method", "TLSv1_2")
>> modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/myCert.pem
>> ")
>> modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key
>> ")
>> modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")
>>
>> But I am seeing a TLS domain error:
>>
>> Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name
>> Nov 13 14:36:50 [175314] Traceback (last included file at the bottom):
>> Nov 13 14:36:50 [175314]  0. /usr/local//etc/opensips/opensips.cfg
>> Nov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in
>> /usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter 
>> not found in module  - can't set
>> Nov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1")
>> Nov 13 14:36:50 [175314]
>> Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")
>> Nov 13 14:36:50 [175314] ^~
>> Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1")
>> Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2")
>> Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches
>> module tls_mgm
>> Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found
>>  in module tls_mgm [/usr/local/lib64/opensips/modules/]
>> Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name
>>
>> Can anyone tell me what I might be missing please?
>>
>> Many thanks
>> Mark.
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>
>
> --
> Mark Farmer
> farm...@gmail.com
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-13 Thread Kevin Vines

  You got me there... the doc statesOpenSIPS offers SIP service for multiple
  219domains, e.g. atlanta.com and biloxi.com. Altough both domains
  220will be hosted on a single SIP proxy, the SIP proxy needs 2
  221certificates: One for atlanta.com and one for biloxi.com. For
  222incoming TLS connectionsIf you need one cert per domain, maybe it implies that you need to have the domain as the CN instead of a SAN?Kevin   From: farm...@gmail.comSent: November 13, 2020 10:43 a.m.To: users@lists.opensips.orgReply to: users@lists.opensips.orgSubject: Re: [OpenSIPS-Users] Teams TLS Error  OK so now I have this:modparam("tls_mgm","certificate", "[my.domain.name]/usr/local/etc/opensips/tls/myCert.pem")modparam("tls_mgm","private_key", "[my.domain.name]/usr/local/etc/opensips/tls/myKey.key")modparam("tls_mgm","ca_dir", "/etc/ssl/certs")modparam("tls_mgm","verify_cert", "[my.domain.name]1")modparam("tls_mgm","require_cert", "[my.domain.name]1")modparam("tls_mgm","tls_method", "[my.domain.name]TLSv1_2")modparam("tls_mgm", "match_sip_domain", "my.domain.name")But now it claims that my.domain.name  is not defined in myCert.pemI know it is - it is in a SAN within the certificate.Any suggestions?Many thanksMark.On Fri, 13 Nov 2020 at 15:12, Kevin Vines <kevin.vi...@gmail.com> wrote:  Hi Mark,Based on some googling it looks like you need to specify the domain eg:modparam("tls_mgm","verify_cert", "[domain.com]1")   https://fossies.org/linux/opensips/modules/tls_mgm/README  Kevin                From: farm...@gmail.comSent: November 13, 2020 9:49 a.m.To: users@lists.opensips.orgReply to: users@lists.opensips.orgSubject: [OpenSIPS-Users] Teams TLS Error  Hi everyoneOpenSIPS 3.1.0I am following the OpenSIPS as Teams SBC guide and have added the TLS config:modparam("tls_mgm","verify_cert", "1")modparam("tls_mgm","require_cert", "1")modparam("tls_mgm","tls_method", "TLSv1_2")modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/myCert.pem")modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key")modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")But I am seeing a TLS domain error:Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain nameNov 13 14:36:50 [175314] Traceback (last included file at the bottom):Nov 13 14:36:50 [175314]  0. /usr/local//etc/opensips/opensips.cfgNov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in /usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter  not found in module  - can't setNov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1")Nov 13 14:36:50 [175314]Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")Nov 13 14:36:50 [175314] ^~Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1")Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2")Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches module tls_mgmNov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found  in module tls_mgm [/usr/local/lib64/opensips/modules/]Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain nameCan anyone tell me what I might be missing please?Many thanksMark.
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-- Mark Farmerfarm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-13 Thread Mark Farmer

OK so now I have this:

modparam("tls_mgm","certificate", "[my.domain.name
]/usr/local/etc/opensips/tls/myCert.pem")
modparam("tls_mgm","private_key", "[my.domain.name
]/usr/local/etc/opensips/tls/myKey.key")
modparam("tls_mgm","ca_dir", "/etc/ssl/certs")
modparam("tls_mgm","verify_cert", "[my.domain.name]1")
modparam("tls_mgm","require_cert", "[my.domain.name]1")
modparam("tls_mgm","tls_method", "[my.domain.name]TLSv1_2")
modparam("tls_mgm", "match_sip_domain", "my.domain.name")

But now it claims that my.domain.name is not defined in myCert.pem
I know it is - it is in a SAN within the certificate.

Any suggestions?
Many thanks
Mark.


On Fri, 13 Nov 2020 at 15:12, Kevin Vines  wrote:

> Hi Mark,
>
> Based on some googling it looks like you need to specify the domain eg:
>
> modparam("tls_mgm","verify_cert", "[domain.com]1")
>
> https://fossies.org/linux/opensips/modules/tls_mgm/README
>
> Kevin
> *From:* farm...@gmail.com
> *Sent:* November 13, 2020 9:49 a.m.
> *To:* users@lists.opensips.org
> *Reply to:* users@lists.opensips.org
> *Subject:* [OpenSIPS-Users] Teams TLS Error
>
> Hi everyone
>
> OpenSIPS 3.1.0
>
> I am following the OpenSIPS as Teams SBC guide and have added the TLS
> config:
>
> modparam("tls_mgm","verify_cert", "1")
> modparam("tls_mgm","require_cert", "1")
> modparam("tls_mgm","tls_method", "TLSv1_2")
> modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/myCert.pem
> ")
> modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key")
> modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")
>
> But I am seeing a TLS domain error:
>
> Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name
> Nov 13 14:36:50 [175314] Traceback (last included file at the bottom):
> Nov 13 14:36:50 [175314]  0. /usr/local//etc/opensips/opensips.cfg
> Nov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in
> /usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter 
> not found in module  - can't set
> Nov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1")
> Nov 13 14:36:50 [175314]
> Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")
> Nov 13 14:36:50 [175314] ^~
> Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1")
> Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2")
> Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches
> module tls_mgm
> Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found
>  in module tls_mgm [/usr/local/lib64/opensips/modules/]
> Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name
>
> Can anyone tell me what I might be missing please?
>
> Many thanks
> Mark.
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Teams TLS Error

2020-11-13 Thread Kevin Vines

  Hi Mark,Based on some googling it looks like you need to specify the domain eg:modparam("tls_mgm","verify_cert", "[domain.com]1")   https://fossies.org/linux/opensips/modules/tls_mgm/README  Kevin    From: farm...@gmail.comSent: November 13, 2020 9:49 a.m.To: users@lists.opensips.orgReply to: users@lists.opensips.orgSubject: [OpenSIPS-Users] Teams TLS Error  Hi everyoneOpenSIPS 3.1.0I am following the OpenSIPS as Teams SBC guide and have added the TLS config:modparam("tls_mgm","verify_cert", "1")modparam("tls_mgm","require_cert", "1")modparam("tls_mgm","tls_method", "TLSv1_2")modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/myCert.pem")modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key")modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")But I am seeing a TLS domain error:Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain nameNov 13 14:36:50 [175314] Traceback (last included file at the bottom):Nov 13 14:36:50 [175314]  0. /usr/local//etc/opensips/opensips.cfgNov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in /usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter  not found in module  - can't setNov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1")Nov 13 14:36:50 [175314]Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")Nov 13 14:36:50 [175314] ^~Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1")Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2")Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches module tls_mgmNov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found  in module tls_mgm [/usr/local/lib64/opensips/modules/]Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain nameCan anyone tell me what I might be missing please?Many thanksMark.
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] Teams TLS Error

2020-11-13 Thread Mark Farmer

Hi everyone

OpenSIPS 3.1.0

I am following the OpenSIPS as Teams SBC guide and have added the TLS
config:

modparam("tls_mgm","verify_cert", "1")
modparam("tls_mgm","require_cert", "1")
modparam("tls_mgm","tls_method", "TLSv1_2")
modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/myCert.pem")
modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key")
modparam("tls_mgm", "ca_dir", "/etc/ssl/certs")

But I am seeing a TLS domain error:

Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name
Nov 13 14:36:50 [175314] Traceback (last included file at the bottom):
Nov 13 14:36:50 [175314]  0. /usr/local//etc/opensips/opensips.cfg
Nov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in
/usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter 
not found in module  - can't set
Nov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1")
Nov 13 14:36:50 [175314]
Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1")
Nov 13 14:36:50 [175314] ^~
Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1")
Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2")
Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches
module tls_mgm
Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found 
in module tls_mgm [/usr/local/lib64/opensips/modules/]
Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name

Can anyone tell me what I might be missing please?

Many thanks
Mark.
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Teams TLS Error

Re: [OpenSIPS-Users] Teams TLS Error

Re: [OpenSIPS-Users] Teams TLS Error

Re: [OpenSIPS-Users] Teams TLS Error

Re: [OpenSIPS-Users] Teams TLS Error

Re: [OpenSIPS-Users] Teams TLS Error

Re: [OpenSIPS-Users] Teams TLS Error

[OpenSIPS-Users] Teams TLS Error

8 matches

Site Navigation

Mail list logo

Footer information