subject:"Re\: \[OpenSIPS\-Users\] TLS Error"

Re: [OpenSIPS-Users] TLS Error

2022-05-25 Thread Wang Wilson

Dear Bogdan-Andrei Iancu,

Thank you for the reply.

In fact I re-do the CA generation by following the Opensips TLS setting 
document (https://opensips.org/html/docs/tutorials/tls-1.4.x). From the 
request.conf I confirm that “default_md” is set to “sha1”. After I recopy the 
tls folder to the location /etc/opensips/tls and restart opensips service, it 
still shows the error message.

As for the log message, I like to check with you, if the previous three tls_mgm 
notice which tell some strange message that create such problem?

Regards
Wilson Wang

May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
NOTICE:tls_mgm:init_tls_dom: No EC curve defined
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client 
certificates are NOT mandatory.
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
NOTICE:tls_mgm:init_tls_dom: no CA dir for tls 'default' defined, using default 
'/etc/pki/CA/'
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
ERROR:tls_mgm:tls_print_errstack: TLS errstack: error:140AB18E:SSL 
routines:SSL_CTX_use_certificate:ca md too weak
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
ERROR:tls_mgm:load_certificate: unable to load certificate file 
'/etc/opensips/tls/user/user-cert.pem'
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'default'
May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: 
ERROR:core:init_mod: failed to initialize module tls_mgm


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2022-05-25 Thread Bogdan-Andrei Iancu


Hi Wang,

A quick googling shows that the problem is with your certificate, being 
md5 signed - and this is considered a week signature. Check this

https://stackoverflow.com/questions/52218876/how-to-fix-ssl-issue-ssl-ctx-use-certificate-ca-md-too-weak-on-python-zeep

Regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  https://www.opensips-solutions.com
OpenSIPS Summit 27-30 Sept 2022, Athens
  https://www.opensips.org/events/Summit-2022Athens/

On 5/23/22 5:40 AM, Wang Wilson wrote:


This is my folder user rights status, and I am running Opensips3.1 
under root userprivilege.


root@wilson-VirtualBox:/etc/opensips/tls/user# ls -lrth 
/etc/opensips/tls/user


total 20K

-rw--- 1 root root 1.7K 5月  23 10:34 user-privkey.pem

-rw-r--r-- 1 root root 1.1K 5月  23 10:34 user-cert_req.pem

-rw-r--r-- 1 root root 4.2K 5月  23 10:34 user-cert.pem

-rw-r--r-- 1 root root 1.3K 5月  23 10:34 user-calist.pem

root@wilson-VirtualBox:/etc/opensips/tls/user#

Can you tell if there is anything need to pay attention?

Regards

Wilson


*From:* Users  on behalf of ideanet 
help 

*Sent:* Monday, May 23, 2022 6:53:41 AM
*To:* OpenSIPS users mailling list 
*Subject:* Re: [OpenSIPS-Users] TLS Error
Hi Wang,
Can you check the user rights of that directory? ls -lrth 
/etc/opensips/tls/user



On Mon, May 23, 2022 at 3:10 AM Wang Wilson <mailto:w...@hotmail.com>> wrote:


Hello,

I am sending this to follow the issue that was reported on /Sep 17
13:13:06 EST 2020./

My problem is that I get the same error message, but the path to
/etc/opensips/tls/user/user-cert.pem is correct and it is not
symlink file.

I just start to explore the TLS method for us to support SIP
service. What could be the reason for this？

Thanks in advance.

Regards

Wilson


--

INFO:core:mod_init: initializing TCP-plain protocol

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]: INFO:tls_mgm:mod_init:
initializing TLS management

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]: INFO:tls_mgm:mod_init:
disabling compression due ZLIB problems

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
INFO:tls_mgm:init_tls_dom: Processing TLS domain 'default'

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
NOTICE:tls_mgm:init_tls_dom: No EC curve defined

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification
activated. Client certificates are NOT mandatory.

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
NOTICE:tls_mgm:init_tls_dom: no CA dir for tls 'default' defined,
using default '/etc/pki/CA/'

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
ERROR:tls_mgm:tls_print_errstack: TLS errstack: error:140AB18E:SSL
routines:SSL_CTX_use_certificate:ca md too weak

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
ERROR:tls_mgm:load_certificate: unable to load certificate file
'/etc/opensips/tls/user/user-cert.pem'

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]:
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'default'

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]: ERROR:core:init_mod:
failed to initialize module tls_mgm

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]: ERROR:core:main: error
while initializing modules

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]: INFO:core:cleanup: cleanup

May 22 22:32:45 wilson-VirtualBox
/usr/local/opensips/sbin/opensips[7437]: NOTICE:core:main: Exiting

___
Users mailing list
Users@lists.opensips.org <mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
<http://lists.opensips.org/cgi-bin/mailman/listinfo/users>


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2022-05-22 Thread Wang Wilson

This is my folder user rights status, and I am running Opensips3.1 under root 
user privilege.

root@wilson-VirtualBox:/etc/opensips/tls/user# ls -lrth /etc/opensips/tls/user
total 20K
-rw--- 1 root root 1.7K 5月  23 10:34 user-privkey.pem
-rw-r--r-- 1 root root 1.1K 5月  23 10:34 user-cert_req.pem
-rw-r--r-- 1 root root 4.2K 5月  23 10:34 user-cert.pem
-rw-r--r-- 1 root root 1.3K 5月  23 10:34 user-calist.pem
root@wilson-VirtualBox:/etc/opensips/tls/user#

Can you tell if there is anything need to pay attention?

Regards
Wilson

From: Users  on behalf of ideanet help 

Sent: Monday, May 23, 2022 6:53:41 AM
To: OpenSIPS users mailling list 
Subject: Re: [OpenSIPS-Users] TLS Error

Hi Wang,
Can you check the user rights of that directory? ls -lrth /etc/opensips/tls/user


On Mon, May 23, 2022 at 3:10 AM Wang Wilson 
mailto:w...@hotmail.com>> wrote:

Hello,

I am sending this to follow the issue that was reported on Sep 17 13:13:06 EST 
2020.



My problem is that I get the same error message, but the path to 
/etc/opensips/tls/user/user-cert.pem is correct and it is not symlink file.



I just start to explore the TLS method for us to support SIP service. What 
could be the reason for this？



Thanks in advance.



Regards

Wilson

--

INFO:core:mod_init: initializing TCP-plain protocol

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:mod_init: initializing TLS management

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:mod_init: disabling compression due ZLIB problems

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:init_tls_dom: Processing TLS domain 'default'

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:tls_mgm:init_tls_dom: No EC curve defined

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client 
certificates are NOT mandatory.

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:tls_mgm:init_tls_dom: no CA dir for tls 'default' defined, using default 
'/etc/pki/CA/'

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:tls_mgm:tls_print_errstack: TLS errstack: error:140AB18E:SSL 
routines:SSL_CTX_use_certificate:ca md too weak

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:tls_mgm:load_certificate: unable to load certificate file 
'/etc/opensips/tls/user/user-cert.pem'

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'default'

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:core:init_mod: failed to initialize module tls_mgm

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:core:main: error while initializing modules

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:core:cleanup: cleanup

May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:core:main: Exiting





___
Users mailing list
Users@lists.opensips.org<mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2022-05-22 Thread ideanet help

Hi Wang,
Can you check the user rights of that directory? ls -lrth
/etc/opensips/tls/user


On Mon, May 23, 2022 at 3:10 AM Wang Wilson  wrote:

> Hello,
>
> I am sending this to follow the issue that was reported on *Sep 17
> 13:13:06 EST 2020.*
>
>
>
> My problem is that I get the same error message, but the path to
> /etc/opensips/tls/user/user-cert.pem is correct and it is not symlink file.
>
>
>
> I just start to explore the TLS method for us to support SIP service. What
> could be the reason for this？
>
>
>
> Thanks in advance.
>
>
>
> Regards
>
> Wilson
>
>
> --
>
> INFO:core:mod_init: initializing TCP-plain protocol
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> INFO:tls_mgm:mod_init: initializing TLS management
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> INFO:tls_mgm:init_tls_dom: Processing TLS domain 'default'
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> NOTICE:tls_mgm:init_tls_dom: No EC curve defined
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client
> certificates are NOT mandatory.
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> NOTICE:tls_mgm:init_tls_dom: no CA dir for tls 'default' defined, using
> default '/etc/pki/CA/'
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> ERROR:tls_mgm:tls_print_errstack: TLS errstack: error:140AB18E:SSL
> routines:SSL_CTX_use_certificate:ca md too weak
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> ERROR:tls_mgm:load_certificate: unable to load certificate file
> '/etc/opensips/tls/user/user-cert.pem'
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'default'
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> ERROR:core:init_mod: failed to initialize module tls_mgm
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> ERROR:core:main: error while initializing modules
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> INFO:core:cleanup: cleanup
>
> May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]:
> NOTICE:core:main: Exiting
>
>
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2022-05-22 Thread Wang Wilson

Hello,
I am sending this to follow the issue that was reported on Sep 17 13:13:06 EST 
2020.

My problem is that I get the same error message, but the path to 
/etc/opensips/tls/user/user-cert.pem is correct and it is not symlink file.

I just start to explore the TLS method for us to support SIP service. What 
could be the reason for this？

Thanks in advance.

Regards
Wilson
--
INFO:core:mod_init: initializing TCP-plain protocol
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:mod_init: initializing TLS management
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:init_tls_dom: Processing TLS domain 'default'
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:tls_mgm:init_tls_dom: No EC curve defined
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client 
certificates are NOT mandatory.
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:tls_mgm:init_tls_dom: no CA dir for tls 'default' defined, using default 
'/etc/pki/CA/'
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:tls_mgm:tls_print_errstack: TLS errstack: error:140AB18E:SSL 
routines:SSL_CTX_use_certificate:ca md too weak
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:tls_mgm:load_certificate: unable to load certificate file 
'/etc/opensips/tls/user/user-cert.pem'
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'default'
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:core:init_mod: failed to initialize module tls_mgm
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
ERROR:core:main: error while initializing modules
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
INFO:core:cleanup: cleanup
May 22 22:32:45 wilson-VirtualBox /usr/local/opensips/sbin/opensips[7437]: 
NOTICE:core:main: Exiting


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2020-09-17 Thread Andrew Colin

Thanks, i fixed the issue by putting them in /etc/opensips/tls

On Thu, Sep 17, 2020 at 4:24 PM Tomi Hakkarainen  wrote:

> Hi,
> I have had the same.
> look at the directory/ file rights on the lets encrypt path. The user
> trying to access cannot access the file because there is something missing
> on the path...
>
> I cant remenber which it was...
> If you are using certbot or similar to create those automatic should be
> resolved or should make some post operation after cert generation to copy
> those to opensips folder...
>
> Tomi
>
> On 17. Sep 2020, at 16.51, John Matich  wrote:
>
> 
> Copy the certs into /etc/opensips/tls/ it doesn't seem to like the
> symlinked certs of letsencrypt
>
> That fixed it for me when I had the same issue.
>
> On Thu, 2020-09-17 at 14:32 +0100, Andrew Colin wrote:
>
> yes but why as that path is correct
> and permissions etc are all fine
>
> On Thu, Sep 17, 2020 at 2:31 PM Johan De Clercq  wrote:
>
> it seems to me that it can't load your certificate.
>
> Op do 17 sep. 2020 om 15:16 schreef Andrew Colin  >:
>
> Hi Guys
>
> I am trying to get tls to work but getting some errors.
> i am using letsencrypt and opensips 3.1
>
> my config is
>
> loadmodule "proto_tls.so"
>
>
> loadmodule "tls_mgm.so"
>
>
> modparam("tls_mgm", "client_sip_domain_avp", "tls_sip_dom")
>
>
> modparam("tls_mgm", "server_domain", "dom1")
>
> modparam("tls_mgm", "match_ip_address", "[dom1]myip:5061")
>
> modparam("tls_mgm", "match_sip_domain", "[dom1]mydomain.co.uk")
>
>
>
> modparam("tls_mgm", "tls_method", "[dom1]TLSv1_2")
>
> modparam("tls_mgm", "verify_cert", "[dom1]1")
>
> modparam("tls_mgm", "require_cert", "[dom1]1")
>
> modparam("tls_mgm", "certificate", "[dom1]/etc/letsencrypt/live/
> mydomain.co.uk/cert.pem")
>
> modparam("tls_mgm", "private_key", "[dom1]/etc/letsencrypt/live/
> mydomain.co.uk/privkey.pem")
>
> modparam("tls_mgm", "ca_list", "[dom1]/etc/letsencrypt/live/
> mydomain.co.uk/cert.pem")
>
> modparam("tls_mgm", "ca_dir", "[dom1]/etc/letsencrypt/live/bmydomain.co.uk
> ")
>
>
>
> but i get this error
>
>
>
> INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:tls_mgm:init_tls_dom:
> Processing TLS domain 'dom1'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> NOTICE:tls_mgm:init_tls_dom: No EC curve defined
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client
> certificates are mandatory.
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> ERROR:tls_mgm:load_certificate: unable to load certificate file
> '/etc/letsencrypt/live/mydomain.co.uk/cert.pem'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'dom1'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:init_mod:
> failed to initialize module tls_mgm
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:main: error
> while initializing modules
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:core:cleanup: cleanup
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: NOTICE:core:main:
> Exiting
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
>
> Users mailing list
>
> Users@lists.opensips.org
>
>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2020-09-17 Thread Tomi Hakkarainen

Hi,
I have had the same.
look at the directory/ file rights on the lets encrypt path. The user trying to 
access cannot access the file because there is something missing on the path...

I cant remenber which it was...
If you are using certbot or similar to create those automatic should be 
resolved or should make some post operation after cert generation to copy those 
to opensips folder...

Tomi

On 17. Sep 2020, at 16.51, John Matich  wrote:


Copy the certs into /etc/opensips/tls/ it doesn't seem to like the 
symlinked certs of letsencrypt

That fixed it for me when I had the same issue.

> On Thu, 2020-09-17 at 14:32 +0100, Andrew Colin wrote:
> yes but why as that path is correct
> and permissions etc are all fine
> 
>> On Thu, Sep 17, 2020 at 2:31 PM Johan De Clercq  wrote:
>> it seems to me that it can't load your certificate. 
>> 
>> Op do 17 sep. 2020 om 15:16 schreef Andrew Colin :
>>> Hi Guys
>>> 
>>> I am trying to get tls to work but getting some errors.
>>> i am using letsencrypt and opensips 3.1
>>> 
>>> my config is 
>>> 
>>> loadmodule "proto_tls.so"
>>> 
>>> loadmodule "tls_mgm.so"
>>> 
>>> modparam("tls_mgm", "client_sip_domain_avp", "tls_sip_dom")
>>> 
>>> modparam("tls_mgm", "server_domain", "dom1")
>>> modparam("tls_mgm", "match_ip_address", "[dom1]myip:5061")
>>> modparam("tls_mgm", "match_sip_domain", "[dom1]mydomain.co.uk")
>>> 
>>> 
>>> modparam("tls_mgm", "tls_method", "[dom1]TLSv1_2")
>>> modparam("tls_mgm", "verify_cert", "[dom1]1")
>>> modparam("tls_mgm", "require_cert", "[dom1]1")
>>> modparam("tls_mgm", "certificate", 
>>> "[dom1]/etc/letsencrypt/live/mydomain.co.uk/cert.pem")
>>> modparam("tls_mgm", "private_key", 
>>> "[dom1]/etc/letsencrypt/live/mydomain.co.uk/privkey.pem")
>>> modparam("tls_mgm", "ca_list", 
>>> "[dom1]/etc/letsencrypt/live/mydomain.co.uk/cert.pem")
>>> modparam("tls_mgm", "ca_dir", "[dom1]/etc/letsencrypt/live/bmydomain.co.uk")
>>> 
>>> 
>>> but i get this error
>>> 
>>> 
>>> INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:tls_mgm:init_tls_dom: 
>>> Processing TLS domain 'dom1'
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
>>> NOTICE:tls_mgm:init_tls_dom: No EC curve defined
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
>>> INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client 
>>> certificates are mandatory.
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
>>> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
>>> ERROR:tls_mgm:load_certificate: unable to load certificate file 
>>> '/etc/letsencrypt/live/mydomain.co.uk/cert.pem'
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
>>> ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'dom1'
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:init_mod: failed 
>>> to initialize module tls_mgm
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:main: error 
>>> while initializing modules
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:core:cleanup: cleanup
>>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: NOTICE:core:main: 
>>> Exiting
>>> ___
>>> Users mailing list
>>> Users@lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> 
> ___
> Users mailing list
> Users@lists.opensips.org
> 
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2020-09-17 Thread Andrew Colin

Thanks

Do i just create a folder tls in /etc/opensips and copy them in?

Also what did you use for ca_list?


On Thursday, September 17, 2020, John Matich  wrote:

> Copy the certs into /etc/opensips/tls/ it doesn't seem to like the
> symlinked certs of letsencrypt
>
> That fixed it for me when I had the same issue.
>
> On Thu, 2020-09-17 at 14:32 +0100, Andrew Colin wrote:
>
> yes but why as that path is correct
> and permissions etc are all fine
>
> On Thu, Sep 17, 2020 at 2:31 PM Johan De Clercq  wrote:
>
> it seems to me that it can't load your certificate.
>
> Op do 17 sep. 2020 om 15:16 schreef Andrew Colin  >:
>
> Hi Guys
>
> I am trying to get tls to work but getting some errors.
> i am using letsencrypt and opensips 3.1
>
> my config is
>
> loadmodule "proto_tls.so"
>
>
> loadmodule "tls_mgm.so"
>
>
> modparam("tls_mgm", "client_sip_domain_avp", "tls_sip_dom")
>
>
> modparam("tls_mgm", "server_domain", "dom1")
>
> modparam("tls_mgm", "match_ip_address", "[dom1]myip:5061")
>
> modparam("tls_mgm", "match_sip_domain", "[dom1]mydomain.co.uk")
>
>
>
> modparam("tls_mgm", "tls_method", "[dom1]TLSv1_2")
>
> modparam("tls_mgm", "verify_cert", "[dom1]1")
>
> modparam("tls_mgm", "require_cert", "[dom1]1")
>
> modparam("tls_mgm", "certificate", "[dom1]/etc/letsencrypt/live/m
> ydomain.co.uk/cert.pem")
>
> modparam("tls_mgm", "private_key", "[dom1]/etc/letsencrypt/live/m
> ydomain.co.uk/privkey.pem")
>
> modparam("tls_mgm", "ca_list", "[dom1]/etc/letsencrypt/live/m
> ydomain.co.uk/cert.pem")
>
> modparam("tls_mgm", "ca_dir", "[dom1]/etc/letsencrypt/live/bmydomain.co.uk
> ")
>
>
>
> but i get this error
>
>
>
> INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:tls_mgm:init_tls_dom:
> Processing TLS domain 'dom1'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> NOTICE:tls_mgm:init_tls_dom: No EC curve defined
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
> INFO:tls_mgm:get_ssl_ctx_verify_mode:
> client verification activated. Client certificates are mandatory.
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
> ERROR:tls_mgm:load_certificate:
> unable to load certificate file '/etc/letsencrypt/live/mydomai
> n.co.uk/cert.pem'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: 
> ERROR:tls_mgm:init_tls_domains:
> Failed to init TLS domain 'dom1'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:init_mod:
> failed to initialize module tls_mgm
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:main: error
> while initializing modules
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:core:cleanup: cleanup
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: NOTICE:core:main:
> Exiting
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
>
> Users mailing list
>
> Users@lists.opensips.org
>
>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2020-09-17 Thread John Matich

Copy the certs into /etc/opensips/tls/ it doesn't seem to like the
symlinked certs of letsencrypt
That fixed it for me when I had the same issue.
On Thu, 2020-09-17 at 14:32 +0100, Andrew Colin wrote:
> yes but why as that path is correctand permissions etc are all fine
> 
> On Thu, Sep 17, 2020 at 2:31 PM Johan De Clercq 
> wrote:
> > it seems to me that it can't load your certificate. 
> > 
> > Op do 17 sep. 2020 om 15:16 schreef Andrew Colin <
> > andrewd.co...@gmail.com>:
> > > Hi Guys
> > > I am trying to get tls to work but getting some errors.
> > > i am using letsencrypt and opensips 3.1
> > > 
> > > my config is 
> > > 
> > > loadmodule "proto_tls.so"
> > > 
> > > loadmodule "tls_mgm.so"
> > > 
> > > modparam("tls_mgm", "client_sip_domain_avp", "tls_sip_dom")
> > > 
> > > modparam("tls_mgm", "server_domain", "dom1")
> > > modparam("tls_mgm", "match_ip_address", "[dom1]myip:5061")
> > > modparam("tls_mgm", "match_sip_domain", "[dom1]mydomain.co.uk")
> > > 
> > > 
> > > modparam("tls_mgm", "tls_method", "[dom1]TLSv1_2")
> > > modparam("tls_mgm", "verify_cert", "[dom1]1")
> > > modparam("tls_mgm", "require_cert", "[dom1]1")
> > > modparam("tls_mgm", "certificate",
> > > "[dom1]/etc/letsencrypt/live/mydomain.co.uk/cert.pem")
> > > modparam("tls_mgm", "private_key",
> > > "[dom1]/etc/letsencrypt/live/mydomain.co.uk/privkey.pem")
> > > modparam("tls_mgm", "ca_list",
> > > "[dom1]/etc/letsencrypt/live/mydomain.co.uk/cert.pem")
> > > modparam("tls_mgm", "ca_dir",
> > > "[dom1]/etc/letsencrypt/live/bmydomain.co.uk")
> > > 
> > > 
> > > 
> > > 
> > > but i get this error
> > > 
> > > 
> > > 
> > > 
> > > INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > INFO:tls_mgm:init_tls_dom: Processing TLS domain 'dom1'
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > NOTICE:tls_mgm:init_tls_dom: No EC curve defined
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification
> > > activated. Client certificates are mandatory.
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > ERROR:tls_mgm:load_certificate: unable to load certificate file
> > > '/etc/letsencrypt/live/mydomain.co.uk/cert.pem'
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'dom1'
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > ERROR:core:init_mod: failed to initialize module tls_mgm
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:main:
> > > error while initializing modules
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> > > INFO:core:cleanup: cleanup
> > > 
> > > Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: NOTICE:core:main:
> > > Exiting
> > > ___
> > > 
> > > Users mailing list
> > > 
> > > Users@lists.opensips.org
> > > 
> > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> > > 
> > 
> > ___
> > 
> > Users mailing list
> > 
> > Users@lists.opensips.org
> > 
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> > 
> 
> ___Users mailing 
> listus...@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2020-09-17 Thread Andrew Colin

yes but why as that path is correct
and permissions etc are all fine

On Thu, Sep 17, 2020 at 2:31 PM Johan De Clercq  wrote:

> it seems to me that it can't load your certificate.
>
> Op do 17 sep. 2020 om 15:16 schreef Andrew Colin  >:
>
>> Hi Guys
>>
>> I am trying to get tls to work but getting some errors.
>> i am using letsencrypt and opensips 3.1
>>
>> my config is
>>
>> loadmodule "proto_tls.so"
>>
>>
>> loadmodule "tls_mgm.so"
>>
>>
>> modparam("tls_mgm", "client_sip_domain_avp", "tls_sip_dom")
>>
>>
>> modparam("tls_mgm", "server_domain", "dom1")
>>
>> modparam("tls_mgm", "match_ip_address", "[dom1]myip:5061")
>>
>> modparam("tls_mgm", "match_sip_domain", "[dom1]mydomain.co.uk")
>>
>>
>>
>> modparam("tls_mgm", "tls_method", "[dom1]TLSv1_2")
>>
>> modparam("tls_mgm", "verify_cert", "[dom1]1")
>>
>> modparam("tls_mgm", "require_cert", "[dom1]1")
>>
>> modparam("tls_mgm", "certificate", "[dom1]/etc/letsencrypt/live/
>> mydomain.co.uk/cert.pem")
>>
>> modparam("tls_mgm", "private_key", "[dom1]/etc/letsencrypt/live/
>> mydomain.co.uk/privkey.pem")
>>
>> modparam("tls_mgm", "ca_list", "[dom1]/etc/letsencrypt/live/
>> mydomain.co.uk/cert.pem")
>>
>> modparam("tls_mgm", "ca_dir", "[dom1]/etc/letsencrypt/live/
>> bmydomain.co.uk")
>>
>>
>>
>> but i get this error
>>
>>
>>
>> INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
>> INFO:tls_mgm:init_tls_dom: Processing TLS domain 'dom1'
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
>> NOTICE:tls_mgm:init_tls_dom: No EC curve defined
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
>> INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client
>> certificates are mandatory.
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
>> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
>> ERROR:tls_mgm:load_certificate: unable to load certificate file
>> '/etc/letsencrypt/live/mydomain.co.uk/cert.pem'
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
>> ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'dom1'
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:init_mod:
>> failed to initialize module tls_mgm
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:main: error
>> while initializing modules
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:core:cleanup: cleanup
>>
>> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: NOTICE:core:main:
>> Exiting
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2020-09-17 Thread Johan De Clercq

it seems to me that it can't load your certificate.

Op do 17 sep. 2020 om 15:16 schreef Andrew Colin :

> Hi Guys
>
> I am trying to get tls to work but getting some errors.
> i am using letsencrypt and opensips 3.1
>
> my config is
>
> loadmodule "proto_tls.so"
>
>
> loadmodule "tls_mgm.so"
>
>
> modparam("tls_mgm", "client_sip_domain_avp", "tls_sip_dom")
>
>
> modparam("tls_mgm", "server_domain", "dom1")
>
> modparam("tls_mgm", "match_ip_address", "[dom1]myip:5061")
>
> modparam("tls_mgm", "match_sip_domain", "[dom1]mydomain.co.uk")
>
>
>
> modparam("tls_mgm", "tls_method", "[dom1]TLSv1_2")
>
> modparam("tls_mgm", "verify_cert", "[dom1]1")
>
> modparam("tls_mgm", "require_cert", "[dom1]1")
>
> modparam("tls_mgm", "certificate", "[dom1]/etc/letsencrypt/live/
> mydomain.co.uk/cert.pem")
>
> modparam("tls_mgm", "private_key", "[dom1]/etc/letsencrypt/live/
> mydomain.co.uk/privkey.pem")
>
> modparam("tls_mgm", "ca_list", "[dom1]/etc/letsencrypt/live/
> mydomain.co.uk/cert.pem")
>
> modparam("tls_mgm", "ca_dir", "[dom1]/etc/letsencrypt/live/bmydomain.co.uk
> ")
>
>
>
> but i get this error
>
>
>
> INFO:tls_mgm:mod_init: disabling compression due ZLIB problems
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:tls_mgm:init_tls_dom:
> Processing TLS domain 'dom1'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> NOTICE:tls_mgm:init_tls_dom: No EC curve defined
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client
> certificates are mandatory.
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> ERROR:tls_mgm:load_certificate: unable to load certificate file
> '/etc/letsencrypt/live/mydomain.co.uk/cert.pem'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]:
> ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'dom1'
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:init_mod:
> failed to initialize module tls_mgm
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: ERROR:core:main: error
> while initializing modules
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: INFO:core:cleanup: cleanup
>
> Sep 17 12:59:41 proxy /usr/sbin/opensips[8155]: NOTICE:core:main:
> Exiting
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] tls error what does this mean

2017-05-12 Thread Răzvan Crainea


Hi, Alex!

Did you specify a certificate in your opensips configuration? Can you 
connect to OpenSIPS with openssl[1]?


[1] https://www.opensips.org/Documentation/Tutorials-TLS-2-1#toc13

Best regards,

Răzvan Crainea
OpenSIPS Solutions
www.opensips-solutions.com

On 05/12/2017 12:45 PM, Alexander Jankowsky wrote:


Hello,

I am trying to register a phone through tls into opensips 2.3 stable.

I am stuck here...

This from the remote phone which has no certificate or key loaded at 
present.


ERROR:proto_tls:tls_accept: New TLS connection from 
111.111.111.111:1 failed to accept


ERROR:proto_tls:tls_print_errstack: TLS errstack: error:140890B2:SSL 
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned


ERROR:proto_tls:tls_read_req: failed to do pre-tls reading

INFO:core:probe_max_sock_buff: using snd buffer of 416 kb

This is from the local phone which does have a certificate and its 
private key loaded.


INFO:core:init_sock_keepalive: TCP keepalive enabled on socket 63

ERROR:proto_tls:tls_accept: New TLS connection from 
222.222.222.222:2 failed to accept


ERROR:proto_tls:tls_print_errstack: TLS errstack: error:140890C7:SSL 
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate


ERROR:proto_tls:tls_read_req: failed to do pre-tls reading

INFO:core:probe_max_sock_buff: using snd buffer of 416 kb

Is it obvious what I should be doing here or what I should try next?

Alex



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS error opensips 2.3 on Debian 8

2017-05-12 Thread silent_dog

I moved tls_mgm module load to the beginning of the script, but the errors
still happened...



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/TLS-error-opensips-2-3-on-Debian-8-tp7607394p7607397.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS error opensips 2.3 on Debian 8

2017-05-12 Thread Răzvan Crainea


Hello!

Can you try to load the tls_mgm module at the begining of your script, 
before tne db_postgres and siptrace modules?


PS: please subscribe to the opensips mailing lists, otherwise we might 
miss your sequential messages.


Best regards,

Răzvan Crainea
OpenSIPS Solutions
www.opensips-solutions.com

On 05/12/2017 11:18 AM, silent_dog wrote:

Is there anybody has idea on this issue?

At the beginning, it works well. However, after I added a trace module,
following errors happened.

modparam("siptrace", "trace_id",
"[db_tid]uri=postgres://opensips:opensips@172.22.253.42/opensips;table=sip_trace")

ERROR:tls_mgm:mod_init: unable to set the memory allocation functions
ERROR:tls_mgm:mod_init: NOTE: check if you are using openssl 1.0.1e-fips,
(or other FIPS version of openssl, as this is known to be broken; if so, you
need to upgrade or downgrade to a different openssl version!
ERROR:tls_mgm:mod_init: current version: OpenSSL 1.0.1t  3 May 2016
ERROR:core:init_mod: failed to initialize module tls_mgm
ERROR:core:main: error while initializing modules



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/TLS-error-opensips-2-3-on-Debian-8-tp7607394.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS error opensips 2.3 on Debian 8

2017-05-12 Thread silent_dog

it looks conflict with this line: 
modparam("siptrace", "trace_id",
"[db_tid]uri=postgres://opensips:opensips@172.22.253.42/opensips;table=sip_trace")
 

After I commented this line, it works again.



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/TLS-error-opensips-2-3-on-Debian-8-tp7607394p7607395.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2014-12-03 Thread Nguyen Dang Vo

Hi Gary

The "TLS connection to 107.199.61.85:56437 read failed" error occurs when
the device (Android & iOS) kills the application.

-- 
NguyenVD
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

2014-11-12 Thread Jeff Pyle

Gary,

Have you been able to take a look at the traffic to see what it is?  I'm
going to guess non-TLS OPTIONS pings.  Try:
  tcpdump -nlvs0 -i eth0 host 66.81.1.2 and port 7604

Substitute the correct interface for eth0 isn't valid for your case.

- Jeff

On Wed, Nov 12, 2014 at 3:48 PM, Gary Nyquist  wrote:

> Hi,
>
> I am using "opensips 1.11.3-tls (x86_64/linux)" git revision: 7e5bbcf
> My log file is getting flooded with following errors.
>
> ERROR:core:_tls_read: SYSCALL error -> (0) 
> ERROR:core:_tls_read: TLS connection to 66.81.1.2:7604 read failed
> ERROR:core:_tls_read: TLS read error: 5
> ERROR:core:tcp_read_req: failed to read
>
> Any clues?
>
> Best Regards,
> - Gary
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] tls error what does this mean

Re: [OpenSIPS-Users] TLS error opensips 2.3 on Debian 8

Re: [OpenSIPS-Users] TLS error opensips 2.3 on Debian 8

Re: [OpenSIPS-Users] TLS error opensips 2.3 on Debian 8

Re: [OpenSIPS-Users] TLS Error

Re: [OpenSIPS-Users] TLS Error

17 matches

Site Navigation

Mail list logo

Footer information