Hello all! Does anyone know if function tcp_set_otcpid() can be used in "event_route[tm:local-request]"? I added this to the configuration:
*$var(conid) = 10;* *tcp_set_otcpid("$var(conid)");* ... and was expecting that Kamailio will not find a match (there is no connection id #10 at this point), go here https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1615 and then initiate a new connection https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1993. But it went to https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1594 and could find a match: *Aug 9 17:08:31 kamailio-dev-2 /usr/sbin/kamailio[3858]: DEBUG: <core> [core/tcp_main.c:1610]: _tcpconn_find(): found connection by peer address (id: 2)* Thanks a lot! Regards, Volodymyr Ivanets. пт, 6 серп. 2021 о 15:53 Володимир Іванець <volodyaivan...@gmail.com> пише: > Or maybe some special "id" to tell Kamailio to skip the verification and > just create a new connection? Then I could use the real "id" for further > outbound traffic. > > Thank you! > > Regards, Volodymyr Ivanets. > > пт, 6 серп. 2021 о 15:45 Володимир Іванець <volodyaivan...@gmail.com> > пише: > >> Hello Daniel! >> >> Thank you for the suggestion. Unfortunately adding the >> "tcp_connection_match=1" did not made a difference. Kamailio found other >> connection to the same peer and used it instead: >> >> *<core> [core/tcp_main.c:1610]: _tcpconn_find(): found connection by peer >> address (id: 2)* >> >> Also, it looks like the answer is in this comment: >> https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1563. >> And below are active tls connections for the previous trunk. Is there a way >> to add an additional field like a "tag" that could be used in peer matching >> as well? Otherwise, I guess the only option I have is to run separate >> instances of Kamailio with a very basic configuration for each MS Teams >> connection. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> *# kamcmd tls.list{ id: 2 timeout: 0 src_ip: >> 52.114.75.24 src_port: 5061 dst_ip: 172.16.30.206 >> dst_port: 0 cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH >> Au=RSA Enc=AESGCM(256) Mac=AEAD ct_wq_size: 0 enc_rd_buf: 0 >> flags: 2 state: established}{ id: 3 timeout: 0 >> src_ip: 52.114.75.24 src_port: 6272 dst_ip: >> 172.16.30.206 dst_port: 5063 cipher: AES256-GCM-SHA384 >> TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD ct_wq_size: 0 >> enc_rd_buf: 0 flags: 2 state: established}{ id: >> 4 timeout: 581 src_ip: 52.114.75.24 src_port: 6273 >> dst_ip: 172.16.30.206 dst_port: 5063 cipher: >> AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) >> Mac=AEAD ct_wq_size: 0 enc_rd_buf: 0 flags: 2 >> state: established* >> *} * >> >> Thank you! >> >> Regards, Volodymyr Ivanets. >> >> ср, 4 серп. 2021 о 13:45 Daniel-Constantin Mierla <mico...@gmail.com> >> пише: >> >>> Hello, >>> >>> can you set >>> https://www.kamailio.org/wiki/cookbooks/5.5.x/core#tcp_connection_match >>> ? >>> >>> It may work only for connections accepted by Kamailio, but worth a try. >>> >>> Cheers, >>> Daniel >>> On 03.08.21 14:48, Володимир Іванець wrote: >>> >>> Hello Daniel, >>> >>> Yes, I have "socket=tls:172.16.30.206:5062" and "socket=tls: >>> 172.16.30.206:5063" attributes for corresponding records in the >>> Dispatcher configuration table. $fs prints out correct values in the >>> "event_route[tm:local-request]". >>> >>> But I thought that TCP/TLS connections are established from a random >>> port to a destination port on the peer side. And then the remote peer >>> connects from its random port to our port 5062/5063. >>> >>> If understood Kamailio log correctly when it is about to establish a >>> second connection to the same peer it sees an active connection for the >>> previous trunk and uses it instead of creating a new one. >>> >>> Thank you! >>> >>> Regards, Volodymyr Ivanets. >>> >>> пн, 2 серп. 2021 о 22:21 Daniel-Constantin Mierla <mico...@gmail.com> >>> пише: >>> >>>> Hello, >>>> >>>> do you force local send socket? >>>> >>>> Cheers, >>>> Daniel >>>> On 02.08.21 18:21, Володимир Іванець wrote: >>>> >>>> Hello Daniel! >>>> >>>> I updated Kamailio to the latest released version. The problem is that >>>> still with tls_set_connect_server_id() I can not make a single instance of >>>> Kamailio connect to multiple MS Teams domains. I use a single IP address >>>> with different ports for different trunks. I can see it establishing a >>>> connection to one trunk and using it for other domains. >>>> >>>> Is there a way to force Kamailio to make a new TLS connection to the >>>> same peer address that it is already connected to? >>>> >>>> Thank you! >>>> >>>> Regards, Volodymyr Ivanets. >>>> >>>> пн, 2 серп. 2021 о 13:44 Daniel-Constantin Mierla <mico...@gmail.com> >>>> пише: >>>> >>>>> Hello, >>>>> >>>>> upgrading is the recommended way, indeed, if you want to use >>>>> tls_set_connect_server_id(). For older version you may want to try looping >>>>> back to kamailio (can be over udp) and the use the xavps. Adds some >>>>> overhead and hops, but if you are stuck to a version and can't really >>>>> upgrade soon, might be an option to look at. >>>>> >>>>> Cheers, >>>>> Daniel >>>>> On 29.07.21 18:48, Володимир Іванець wrote: >>>>> >>>>> Hello Rob! >>>>> >>>>> Yes, I'm using Letsencrypt while I'm testing. But I would like to be >>>>> able to use different certificates with different sockets. >>>>> >>>>> I found this discussion >>>>> https://github.com/kamailio/kamailio/issues/2413. Looks like I need >>>>> to use "tls_set_connect_server_id()" instead of setting >>>>> $xavp(tls=>server_name)" and "$xavp(tls[0]=>server_id)". Unfortunately I'm >>>>> currently using Kamailio v5.4 on my test system and this function is not >>>>> available. I will update Kamailio and give it another try. Then I will >>>>> update everyone in the hope it will be useful for someone :) >>>>> >>>>> Thank you! >>>>> >>>>> Regards, Volodymyr Ivanets >>>>> >>>>> чт, 29 лип. 2021 о 19:07 Rob van den Bulk <rob.van.den.b...@gmail.com> >>>>> пише: >>>>> >>>>>> Hello, are u using letsencrypt? >>>>>> >>>>>> U can use a multi domain. >>>>>> >>>>>> Muti domain names in one certificate >>>>>> >>>>>> Outlook voor Android <https://aka.ms/AAb9ysg> downloaden >>>>>> ------------------------------ >>>>>> *From:* sr-users <sr-users-boun...@lists.kamailio.org> on behalf of >>>>>> Володимир Іванець <volodyaivan...@gmail.com> >>>>>> *Sent:* Thursday, July 29, 2021 4:44:16 PM >>>>>> *To:* Kamailio (SER) - Users Mailing List < >>>>>> sr-users@lists.kamailio.org> >>>>>> *Subject:* [SR-Users] Integration with multiple MS Teams instances >>>>>> >>>>>> Hello all! >>>>>> >>>>>> I was able to connect Kamailio with MS Teams and now trying to add >>>>>> one more Teams instance. It looks like I have some misconfiguration or >>>>>> there is a bug. >>>>>> >>>>>> My test server has 2 domain records pointing at it ( >>>>>> kamailio.domain1.com and kamailio.domain2.com). My tls.cfg >>>>>> configuration file looks like this. As you can see the Default section is >>>>>> configured with a kamailio.domain1.com sertificate: >>>>>> >>>>>> *[server:default]* >>>>>> *method = TLSv1.0+* >>>>>> *require_certificate = no* >>>>>> *verify_certificate = no* >>>>>> *private_key = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem >>>>>> <http://kamailio.domain1.com/server/key.pem>* >>>>>> *certificate = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem >>>>>> <http://kamailio.domain1.com/server/cert.pem>* >>>>>> *ca_list = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem >>>>>> <http://kamailio.domain1.com/CA/cert.pem>* >>>>>> >>>>>> >>>>>> *[client:default]* >>>>>> *method = TLSv1.0+* >>>>>> *require_certificate = no* >>>>>> *verify_certificate = no* >>>>>> *private_key = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem >>>>>> <http://kamailio.domain1.com/server/key.pem>* >>>>>> *certificate = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem >>>>>> <http://kamailio.domain1.com/server/cert.pem>* >>>>>> *ca_list = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem >>>>>> <http://kamailio.domain1.com/CA/cert.pem>* >>>>>> >>>>>> >>>>>> >>>>>> *[server:172.16.30.206:5062 <http://172.16.30.206:5062>]* >>>>>> *method = TLSv1.0+* >>>>>> *require_certificate = no* >>>>>> *verify_certificate = no* >>>>>> *private_key = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem >>>>>> <http://kamailio.domain1.com/server/key.pem>* >>>>>> *certificate = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem >>>>>> <http://kamailio.domain1.com/server/cert.pem>* >>>>>> *ca_list = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem >>>>>> <http://kamailio.domain1.com/CA/cert.pem>* >>>>>> *server_name = "kamailio.domain1.com <http://kamailio.domain1.com>"* >>>>>> *server_id = "**"kamailio.domain1.com <http://kamailio.domain1.com>"* >>>>>> >>>>>> >>>>>> *[client:172.16.30.206:5062 <http://172.16.30.206:5062>]* >>>>>> *method = TLSv1.0+* >>>>>> *require_certificate = no* >>>>>> *verify_certificate = no* >>>>>> *private_key = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem >>>>>> <http://kamailio.domain1.com/server/key.pem>* >>>>>> *certificate = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem >>>>>> <http://kamailio.domain1.com/server/cert.pem>* >>>>>> *ca_list = >>>>>> /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem >>>>>> <http://kamailio.domain1.com/CA/cert.pem>* >>>>>> >>>>>> >>>>>> >>>>>> *[server:172.16.30.206:5063 <http://172.16.30.206:5063>]* >>>>>> *method = TLSv1.0+* >>>>>> *require_certificate = no* >>>>>> *verify_certificate = no* >>>>>> *private_key = >>>>>> /var/kamailio/certificates/kamailio.domain2.com/server/key.pem >>>>>> <http://kamailio.domain2.com/server/key.pem>* >>>>>> *certificate = >>>>>> /var/kamailio/certificates/kamailio.domain2.com/server/cert.pem >>>>>> <http://kamailio.domain2.com/server/cert.pem>* >>>>>> *ca_list = >>>>>> /var/kamailio/certificates/kamailio.domain2.com/CA/cert.pem >>>>>> <http://kamailio.domain2.com/CA/cert.pem>* >>>>>> *server_name = "kamailio.domain2.com <http://kamailio.domain2.com>"* >>>>>> >>>>>> *server_id = "**"kamailio.domain2.com <http://kamailio.domain2.com>"* >>>>>> >>>>>> >>>>>> *[client:172.16.30.206:5063 <http://172.16.30.206:5063>]* >>>>>> *method = TLSv1.0+* >>>>>> *require_certificate = no* >>>>>> *verify_certificate = no* >>>>>> *private_key = >>>>>> /var/kamailio/certificates/kamailio.domain2.com/server/key.pem >>>>>> <http://kamailio.domain2.com/server/key.pem>* >>>>>> *certificate = >>>>>> /var/kamailio/certificates/kamailio.domain2.com/server/cert.pem >>>>>> <http://kamailio.domain2.com/server/cert.pem>* >>>>>> *ca_list = >>>>>> /var/kamailio/certificates/kamailio.domain2.com/CA/cert.pem >>>>>> <http://kamailio.domain2.com/CA/cert.pem>* >>>>>> >>>>>> >>>>>> The dispatcher configuration table looks like this: >>>>>> >>>>>> >>>>>> +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+ >>>>>> | id | setid | destination | flags | >>>>>> priority | attrs >>>>>> | description | >>>>>> >>>>>> +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+ >>>>>> | 1 | 1 | sip:sip.pstnhub.microsoft.com;transport=tls | 0 >>>>>> | 3 | socket=tls:172.16.30.206:5062;ping_from=sip: >>>>>> kamailio.domain1.com | MS Teams 1 | >>>>>> | 2 | 2 | sip:sip.pstnhub.microsoft.com;transport=tls | 0 >>>>>> | 3 | socket=tls:172.16.30.206:5063;ping_from=sip: >>>>>> kamailio.domain2.com | MS Teams 2 | >>>>>> >>>>>> +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+ >>>>>> >>>>>> >>>>>> >>>>>> When Kamailio is started only connection with the first trunk is >>>>>> established: >>>>>> >>>>>> *# kamcmd tls.list* >>>>>> *{* >>>>>> * id: 1* >>>>>> * timeout: 0* >>>>>> * src_ip: 52.114.75.24* >>>>>> * src_port: 5061* >>>>>> * dst_ip: 172.16.30.206* >>>>>> * dst_port: 0* >>>>>> * cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH >>>>>> Au=RSA Enc=AESGCM(256) Mac=AEAD* >>>>>> * ct_wq_size: 0* >>>>>> * enc_rd_buf: 0* >>>>>> * flags: 2* >>>>>> * state: established* >>>>>> *}* >>>>>> *{* >>>>>> * id: 2* >>>>>> * timeout: 0* >>>>>> * src_ip: 52.114.75.24* >>>>>> * src_port: 7810* >>>>>> * dst_ip: 172.16.30.206* >>>>>> * dst_port: 5062* >>>>>> * cipher: AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA >>>>>> Enc=AESGCM(256) Mac=AEAD* >>>>>> * ct_wq_size: 0* >>>>>> * enc_rd_buf: 0* >>>>>> * flags: 2* >>>>>> * state: established* >>>>>> *}* >>>>>> *{* >>>>>> * id: 3* >>>>>> * timeout: 596* >>>>>> * src_ip: 52.114.75.24* >>>>>> * src_port: 7811* >>>>>> * dst_ip: 172.16.30.206* >>>>>> * dst_port: 5062* >>>>>> * cipher: AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA >>>>>> Enc=AESGCM(256) Mac=AEAD* >>>>>> * ct_wq_size: 0* >>>>>> * enc_rd_buf: 0* >>>>>> * flags: 2* >>>>>> * state: established* >>>>>> *}* >>>>>> >>>>>> >>>>>> Here is what I can see in Kamailio log file when it sends an OPTIONS >>>>>> request to the second trunk. Kamailio uses Default tls configuration and >>>>>> MS >>>>>> Teams don't accept it: >>>>>> >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: ALERT: <script>: >>>>>> == TRACE. tm:local-request. fs is tls:172.16.30.206:5063 >>>>>> <http://172.16.30.206:5063>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tm >>>>>> [uac.c:352]: t_run_local_req(): apply new updates without Via to sip msg* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/msg_translator.c:1796]: check_boundaries(): no multi-part body* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:610]: parse_msg(): SIP Request:* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:612]: parse_msg(): method: <OPTIONS>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:614]: parse_msg(): uri: >>>>>> <sip:sip.pstnhub.microsoft.com >>>>>> <http://sip.pstnhub.microsoft.com>;transport=tls>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:616]: parse_msg(): version: <SIP/2.0>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/parse_via.c:1303]: parse_via_param(): Found param type 232, >>>>>> <branch> = <z9hG4bK169b.6411b4c3000000000000000000000000.0>; state=16* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/parse_via.c:2639]: parse_via(): end of header reached, >>>>>> state=5* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:498]: parse_headers(): Via found, flags=2* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:500]: parse_headers(): this is the first via* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/parse_addr_spec.c:864]: parse_addr_spec(): end of header >>>>>> reached, state=10* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:171]: get_hdr_field(): <To> [47]; >>>>>> uri=[sip:sip.pstnhub.microsoft.com >>>>>> <http://sip.pstnhub.microsoft.com>;transport=tls]* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:174]: get_hdr_field(): to body >>>>>> (47)[<sip:sip.pstnhub.microsoft.com >>>>>> <http://sip.pstnhub.microsoft.com>;transport=tls>^M* >>>>>> *], to tag (0)[]* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:152]: get_hdr_field(): cseq <CSeq>: <10> >>>>>> <OPTIONS>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:185]: get_hdr_field(): content_length=0* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:89]: get_hdr_field(): found end of header* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:610]: parse_msg(): SIP Request:* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:612]: parse_msg(): method: <OPTIONS>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:614]: parse_msg(): uri: >>>>>> <sip:sip.pstnhub.microsoft.com >>>>>> <http://sip.pstnhub.microsoft.com>;transport=tls>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:616]: parse_msg(): version: <SIP/2.0>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/parse_via.c:1303]: parse_via_param(): Found param type 232, >>>>>> <branch> = <z9hG4bK169b.6411b4c3000000000000000000000000.0>; state=16* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/parse_via.c:2639]: parse_via(): end of header reached, >>>>>> state=5* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:498]: parse_headers(): Via found, flags=2* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:500]: parse_headers(): this is the first via* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/parse_addr_spec.c:864]: parse_addr_spec(): end of header >>>>>> reached, state=10* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:171]: get_hdr_field(): <To> [47]; >>>>>> uri=[sip:sip.pstnhub.microsoft.com >>>>>> <http://sip.pstnhub.microsoft.com>;transport=tls]* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:174]: get_hdr_field(): to body >>>>>> (47)[<sip:sip.pstnhub.microsoft.com >>>>>> <http://sip.pstnhub.microsoft.com>;transport=tls>^M* >>>>>> *], to tag (0)[]* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/parser/msg_parser.c:152]: get_hdr_field(): cseq <CSeq>: <10> >>>>>> <OPTIONS>* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tm >>>>>> [uac.c:189]: uac_refresh_hdr_shortcuts(): cseq: [CSeq: 10]* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/tcp_main.c:1993]: tcp_send(): no open tcp connection found, opening >>>>>> new one* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection: >>>>>> 52.114.75.24* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/tcp_main.c:1175]: tcpconn_new(): on port 5061, type 3, socket -1* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core> >>>>>> [core/tcp_main.c:1498]: tcpconn_add(): hashes: 2831:67:0, 1* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls >>>>>> [tls_server.c:199]: tls_complete_init(): completing tls connection >>>>>> initialization* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls >>>>>> [tls_server.c:162]: tls_get_connect_server_name(): xavp with outbound >>>>>> server name not found* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls >>>>>> [tls_server.c:142]: tls_get_connect_server_id(): xavp with outbound >>>>>> server >>>>>> id not found* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls >>>>>> [tls_server.c:228]: tls_complete_init(): Using initial TLS domain >>>>>> TLSc<default> (dom 0x7f35509da688 ctx 0x7f3550b7a568 sn [])* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls >>>>>> [tls_domain.c:1177]: tls_lookup_private_key(): Private key lookup for >>>>>> SSL_CTX-0x7f3550b7a568: (nil)* >>>>>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls >>>>>> [tls_domain.c:747]: sr_ssl_ctx_info_callback(): SSL handshake started* >>>>>> *...* >>>>>> >>>>>> >>>>>> If I change the Default configuration to use kamailio.domain2.com >>>>>> certificate, the second trunk will connect but the first one will fail. >>>>>> I tried to set "$xavp(tls=>server_name)" and >>>>>> "$xavp(tls[0]=>server_id)" variables to the event_route[tm:local-request] >>>>>> section but log still stated that server Name and ID were not found. >>>>>> >>>>>> Can someone please point me in the right direction, how can I make >>>>>> Kamailio use the correct certificates when establishing multiple TLS >>>>>> connections? >>>>>> >>>>>> Thanks a lot! >>>>>> >>>>>> Regards, Volodymyr Ivanets >>>>>> __________________________________________________________ >>>>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>>>> * sr-users@lists.kamailio.org >>>>>> Important: keep the mailing list in the recipients, do not reply only >>>>>> to the sender! >>>>>> Edit mailing list options or unsubscribe: >>>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>> >>>>> >>>>> __________________________________________________________ >>>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>>> * sr-users@lists.kamailio.org >>>>> Important: keep the mailing list in the recipients, do not reply only to >>>>> the sender! >>>>> Edit mailing list options or unsubscribe: >>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>> >>>>> -- >>>>> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- >>>>> www.linkedin.com/in/miconda >>>>> >>>>> -- >>>> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- >>>> www.linkedin.com/in/miconda >>>> >>>> -- >>> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- >>> www.linkedin.com/in/miconda >>> >>>
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users