Hello, On 22.03.23 00:34, David Cunningham wrote: > Hello, > > We have a Kamailio 5.2.7 server with WebRTC enabled. However, a WebRTC > client at https://tryit.jssip.net/ is unable to connect on either > Chrome or Firefox. In the Kamailio log we see the lines below. In > tls.cfg we have "verify_certificate = no" and "require_certificate = > no" for both [server:default] and [client:default]. Would anyone be > able to help us with this? > > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for > SSL_CTX-0x14baf1cbb090: (nil) > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:741]: sr_ssl_ctx_info_callback(): SSL renegotiation > initiated by client > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:741]: sr_ssl_ctx_info_callback(): SSL renegotiation > initiated by client > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_server.c:424]: tls_accept(): TLS accept successful > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_server.c:431]: tls_accept(): tls_accept: new connection from > xx.xx.xx.xx:39816 using TLSv1.3 TLS_AES_256_GCM_SHA384 256 > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_server.c:434]: tls_accept(): tls_accept: local socket: > yy.yy.yy.yy:8443 > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_server.c:445]: tls_accept(): tls_accept: client did not present a > certificate > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls > [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of > connection (n:532) (0) > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> > [core/tcp_read.c:1527]: tcp_read_req(): EOF > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> > [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del > (0x562ffde66d00, 17, -1, 0x10) fd_no=4 called > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> > [core/tcp_read.c:1680]: release_tcpconn(): releasing con > 0x14baf4cc1ec8, state -1, fd=17, id=665 ([xx.xx.xx.xx]:39816 -> > [xx.xx.xx.xx]:8443) > Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> > [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x14baf289ea30 > Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: <core> > [core/tcp_main.c:3320]: handle_tcp_child(): reader response= > 14baf4cc1ec8, -1 from 1 > Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: tls > [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x14baf289ea30
"client did not present a certificate" is a debug message, not an error. >From the logs, you have to enable connection renegotiation for tls module if you haven't done it, there is a modparm for it. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: