Hi Sebastian,
That message is just an INFO (not an error) - you say TLS handshake
fails on opensips side as it expects a certificate from the end point ?
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 18.01.2016 06:32, Sebastian Sastre wrote:
I’ve been trying to setup WSS using 2.2 latest branch.
When trying to open the web socket i get “ Client did not present a
TLS certificate” . Im using the included default ssl certs for
the server to avoid mistakes . What certificate is the user supposed
to present?
I tried using sip.js and jssip to connect without any luck. i also
tried disabling cert requirement but didn’t work.
—— Config ——-
listen=wss:123.456.789.987:5060
listen=tls:123.456.789.987:5061
listen=wss:123.456.789.987:443
load module "proto_udp.so"
load module “proto_tls.so”
loadmodule "proto_wss.so"
loadmodule "tls_mgm.so"
modparam("tls_mgm", "certificate", "/etc/opensips/tls/rootCA/cacert.pem")
modparam("tls_mgm", "private_key",
"/etc/opensips/tls/rootCA/private/cakey.pem")
modparam("tls_mgm", "ca_list", "/etc/opensips/tls/rootCA/cacert.pem")
modparam("tls_mgm", "ca_dir", "/etc/opensips/tls/rootCA/")
modparam("tls_mgm", "require_cert", "0")
modparam(“tls_mgm", "verify_cert", "0")
——- Logs ——-
/sbin/opensips[12468]: INFO:core:probe_max_sock_buff: using snd buffer
of 416 kb
/sbin/opensips[12468]: INFO:core:init_sock_keepalive: TCP keepalive
enabled on socket 37
/sbin/opensips[12460]: INFO:proto_wss:ls_accept: New TLS connection
from xx.xx.xx.xx:50815 accepted
/sbin/opensips[12460]: INFO:proto_wss:tls_accept: Client did not
present a TLS certificate
/sbin/opensips[12460]: INFO:proto_wss:ls_dump_cert_info: tls_accept:
local TLS server certificate subject:
/CN=OpenSIPS/ST=opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org
<http://opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org>,
issuer:
/CN=OpenSIPS/ST=opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org
<http://opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org>
Thanks !
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users