Glad the problem was solved.
Still, maybe there is place to improve the code to properly report/log
the issue - did you get any indication (in logs) that actually the key
was bogus and the TLS handshake failed ?
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 19.01.2016 17:36, Sebastian Sastre wrote:
Bodgan,
Thanks . Yes that one wasn’t an error but i had the wrong private key
configured and the socket was disconnecting so i was able to generate
new certs and it worked fine. I got some help from IRC.
I still see the notice but the socket stays up and i can register.
Right now i have the signaling working perfect, but i have no audio
either way. Im trying to figure out why rtpengine is not working
correctly.
Thanks again
On Tue, Jan 19, 2016 at 5:21 AM, Bogdan-Andrei Iancu
<bog...@opensips.org <mailto:bog...@opensips.org>> wrote:
Hi Sebastian,
That message is just an INFO (not an error) - you say TLS
handshake fails on opensips side as it expects a certificate from
the end point ?
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 18.01.2016 06:32, Sebastian Sastre wrote:
I’ve been trying to setup WSS using 2.2 latest branch.
When trying to open the web socket i get “ Client did not present
a TLS certificate” . Im using the included default ssl certs for
the server to avoid mistakes . What certificate is the user
supposed to present?
I tried using sip.js and jssip to connect without any luck. i
also tried disabling cert requirement but didn’t work.
—— Config ——-
listen=wss:123.456.789.987:5060
listen=tls:123.456.789.987:5061
listen=wss:123.456.789.987:443
load module "proto_udp.so"
load module “proto_tls.so”
loadmodule "proto_wss.so"
loadmodule "tls_mgm.so"
modparam("tls_mgm", "certificate",
"/etc/opensips/tls/rootCA/cacert.pem")
modparam("tls_mgm", "private_key",
"/etc/opensips/tls/rootCA/private/cakey.pem")
modparam("tls_mgm", "ca_list",
"/etc/opensips/tls/rootCA/cacert.pem")
modparam("tls_mgm", "ca_dir", "/etc/opensips/tls/rootCA/")
modparam("tls_mgm", "require_cert", "0")
modparam(“tls_mgm", "verify_cert", "0")
——- Logs ——-
/sbin/opensips[12468]: INFO:core:probe_max_sock_buff: using snd
buffer of 416 kb
/sbin/opensips[12468]: INFO:core:init_sock_keepalive: TCP
keepalive enabled on socket 37
/sbin/opensips[12460]: INFO:proto_wss:ls_accept: New TLS
connection from xx.xx.xx.xx:50815 accepted
/sbin/opensips[12460]: INFO:proto_wss:tls_accept: Client did not
present a TLS certificate
/sbin/opensips[12460]: INFO:proto_wss:ls_dump_cert_info:
tls_accept: local TLS server certificate subject:
/CN=OpenSIPS/ST=opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org
<mailto:opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org>,
issuer:
/CN=OpenSIPS/ST=opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org
<http://opensips.org/C=IP/emailAddress=t...@opensips.org/O=opensips.org>
Thanks !
_______________________________________________
Users mailing list
Users@lists.opensips.org <mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
