That’s my experience, too, but perhaps there’s something not quite clear about the location of the tls.cfg file, or the applicability of the given profiles, etc.
> On Mar 22, 2023, at 3:59 AM, Henning Westerholt <h...@gilawa.com> wrote: > > Hello Alex, > > if you set this in a dedicated tls.cfg, its in my experience not necessary to > set these parameters additionally in the kamailio.cfg. > > Cheers, > > Henning > > -----Original Message----- > From: Alex Balashov <abalas...@evaristesys.com> > Sent: Mittwoch, 22. März 2023 02:27 > To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org> > Subject: [SR-Users] Re: WebRTC "client did not present a certificate" error > > Try set these, too: > > https://kamailio.org/docs/modules/5.6.x/modules/tls.html#tls.p.require_certificate > > https://kamailio.org/docs/modules/5.6.x/modules/tls.html#tls.p.verify_certificate > > — Alex > >> On Mar 21, 2023, at 7:34 PM, David Cunningham <dcunning...@voisonics.com> >> wrote: >> >> Hello, >> >> We have a Kamailio 5.2.7 server with WebRTC enabled. However, a WebRTC >> client at https://tryit.jssip.net/ is unable to connect on either Chrome or >> Firefox. In the Kamailio log we see the lines below. In tls.cfg we have >> "verify_certificate = no" and "require_certificate = no" for both >> [server:default] and [client:default]. Would anyone be able to help us with >> this? >> >> Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls >> [tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for >> SSL_CTX-0x14baf1cbb090: (nil) Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: >> sr_ssl_ctx_info_callback(): SSL handshake done Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:737]: >> sr_ssl_ctx_info_callback(): SSL handshake started Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:741]: >> sr_ssl_ctx_info_callback(): SSL renegotiation initiated by client Mar >> 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: >> sr_ssl_ctx_info_callback(): SSL handshake done Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:737]: >> sr_ssl_ctx_info_callback(): SSL handshake started Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:741]: >> sr_ssl_ctx_info_callback(): SSL renegotiation initiated by client Mar >> 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: >> sr_ssl_ctx_info_callback(): SSL handshake done Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:424]: tls_accept(): >> TLS accept successful Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: >> tls [tls_server.c:431]: tls_accept(): tls_accept: new connection from >> xx.xx.xx.xx:39816 using TLSv1.3 TLS_AES_256_GCM_SHA384 256 Mar 22 >> 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:434]: >> tls_accept(): tls_accept: local socket: yy.yy.yy.yy:8443 Mar 22 >> 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:445]: >> tls_accept(): tls_accept: client did not present a certificate Mar 22 >> 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:1189]: >> tls_read_f(): Reading on a renegotiation of connection (n:532) (0) Mar >> 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> >> [core/tcp_read.c:1527]: tcp_read_req(): EOF Mar 22 01:25:28 br >> /sbin/kamailio[25259]: DEBUG: <core> [core/io_wait.h:602]: >> io_watch_del(): DBG: io_watch_del (0x562ffde66d00, 17, -1, 0x10) >> fd_no=4 called Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> >> [core/tcp_read.c:1680]: release_tcpconn(): releasing con >> 0x14baf4cc1ec8, state -1, fd=17, id=665 ([xx.xx.xx.xx]:39816 -> >> [xx.xx.xx.xx]:8443) Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: >> <core> [core/tcp_read.c:1684]: release_tcpconn(): extra_data >> 0x14baf289ea30 Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: <core> >> [core/tcp_main.c:3320]: handle_tcp_child(): reader response= >> 14baf4cc1ec8, -1 from 1 Mar 22 01:25:28 br /sbin/kamailio[25291]: >> DEBUG: tls [tls_server.c:683]: tls_h_close(): Closing SSL connection >> 0x14baf289ea30 >> >> Thanks very much, >> >> -- >> David Cunningham, Voisonics Limited >> http://voisonics.com/ >> USA: +1 213 221 1092 >> New Zealand: +64 (0)28 2558 3782 >> __________________________________________________________ >> Kamailio - Users Mailing List - Non Commercial Discussions To >> unsubscribe send an email to sr-users-le...@lists.kamailio.org >> Important: keep the mailing list in the recipients, do not reply only to the >> sender! >> Edit mailing list options or unsubscribe: > > -- > Alex Balashov > Principal Consultant > Evariste Systems LLC > Web: https://evaristesys.com > Tel: +1-706-510-6800 > > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe > send an email to sr-users-le...@lists.kamailio.org > Important: keep the mailing list in the recipients, do not reply only to the > sender! > Edit mailing list options or unsubscribe: -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800 __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
