Hi Anil, Are you sure the connecting party is also using TLS ? maybe it is using pure TCP instead of TLC - use tcpdump to see what is going one.
Regards, Bogdan Anil Pannikode wrote: > THanks for the tip. I did not cut and paste the private key properly. > It is now loading how ever the connection is failing with the > following error > > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_find_server_domain: virtual TLS server domain not found, > Using default TLS server domain settings > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_tcpconn_init: found socket based TLS server domain > [0.0.0.0:0] > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_tcpconn_init: Setting in ACCEPT mode (server) > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tcpconn_add: hashes: 594, 1 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:handle_new_connect: new connection: 0xb3ebdf50 24 flags: 0002 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:send2child: to tcp child 0 0(16980), 0xb3ebdf50 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > DBG:core:handle_io: received n=4 con=0xb3ebdf50, fd=19 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > DBG:core:io_watch_add: io_watch_add(0x826ab20, 19, 2, 0xb3ebdf50), > fd_no=1 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > DBG:core:tls_update_fd: New fd is 19 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > ERROR:core:tls_accept: some error in SSL: > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > ERROR:core:tls_print_errstack: error:140760FC:SSL > routines:SSL23_GET_CLIENT_HELLO:unknown protocol > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > DBG:core:io_watch_del: io_watch_del (0x826ab20, 19, -1, 0x10) fd_no=2 > called > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > DBG:core:release_tcpconn: releasing con 0xb3ebdf50, state -2, fd=19, id=1 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16980]: > DBG:core:release_tcpconn: extra_data 0xb3ece068 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:handle_tcp_child: reader response= b3ebdf50, -2 from 0 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tcpconn_destroy: destroying connection 0xb3ebdf50, flags 0002 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_close: closing SSL connection > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_update_fd: New fd is 24 > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_shutdown: shutdown successful > Apr 23 14:13:27 pc10-10-10-193 /usr/sbin/opensips[16984]: > DBG:core:tls_tcpconn_clean: entered > > > Regards > > Anil > > > > > Date: Thu, 23 Apr 2009 23:24:44 +0300 > > From: bog...@voice-system.ro > > To: anilpannik...@hotmail.com > > CC: users@lists.opensips.org > > Subject: Re: [OpenSIPS-Users] Trying to get TLS working with > OpenSips 1.5 > > > > Hi Anil, > > > > Typical error cases: > > - the private key file does not exist or you do not have permission > > to read that file > > - the private key file is not in PEM (base64 encoded) format. > > - if the private key file is encrypted, the password is not correct > > or no password was provided > > - if you loaded a certificate file before issuing this function, the > > public key in that certificate does not match the corresponding private > > key in the private key file. > > > > Regards, > > Bogdan > > > > Anil M Pannikode (hotmail) wrote: > > > > > > I am getting the following error in the log files > > > > > > > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: DBG:core:load_certificate: > > > entered > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: DBG:core:load_certificate: > > > '//etc/opensips/tls/user/certonly.pem' successfuly loaded > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: DBG:core:load_ca: Entered > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: DBG:core:load_ca: CA > > > '//etc/opensips/tls/user/user-calist.pem' successfuly loaded > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: DBG:core:load_private_key: > > > entered > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: ERROR:core:load_private_key: > > > unable to load private key file > > > '//etc/opensips/tls/user/privatekey.pem'. Retry (2 left) (check > > > password case) > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: ERROR:core:load_private_key: > > > unable to load private key file > > > '//etc/opensips/tls/user/privatekey.pem'. Retry (1 left) (check > > > password case) > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: ERROR:core:load_private_key: > > > unable to load private key file > > > '//etc/opensips/tls/user/privatekey.pem'. Retry (0 left) (check > > > password case) > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: ERROR:core:load_private_key: > > > unable to load private key file > '//etc/opensips/tls/user/privatekey.pem' > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: CRITICAL:core:main: could > not > > > initialize tls, exiting... > > > > > > Apr 23 12:43:55 pc10-10-10-193 opensips: DBG:dispatcher:destroy: > > > destroying module ... > > > > > > > > > > > > Anybody know what the issues or where to set the password ? > > > > > > > > > > > > Anil > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > Users mailing list > > > Users@lists.opensips.org > > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > > > > ------------------------------------------------------------------------ > Create a cool, new character for your Windows Liveā¢ Messenger. Check > it out <http://go.microsoft.com/?linkid=9656621> _______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users