OK so now I have this: modparam("tls_mgm","certificate", "[my.domain.name ]/usr/local/etc/opensips/tls/myCert.pem") modparam("tls_mgm","private_key", "[my.domain.name ]/usr/local/etc/opensips/tls/myKey.key") modparam("tls_mgm","ca_dir", "/etc/ssl/certs") modparam("tls_mgm","verify_cert", "[my.domain.name]1") modparam("tls_mgm","require_cert", "[my.domain.name]1") modparam("tls_mgm","tls_method", "[my.domain.name]TLSv1_2") modparam("tls_mgm", "match_sip_domain", "my.domain.name")
But now it claims that my.domain.name is not defined in myCert.pem I know it is - it is in a SAN within the certificate. Any suggestions? Many thanks Mark. On Fri, 13 Nov 2020 at 15:12, Kevin Vines <kevin.vi...@gmail.com> wrote: > Hi Mark, > > Based on some googling it looks like you need to specify the domain eg: > > modparam("tls_mgm","verify_cert", "[domain.com]1") > > https://fossies.org/linux/opensips/modules/tls_mgm/README > > Kevin > *From:* farm...@gmail.com > *Sent:* November 13, 2020 9:49 a.m. > *To:* users@lists.opensips.org > *Reply to:* users@lists.opensips.org > *Subject:* [OpenSIPS-Users] Teams TLS Error > > Hi everyone > > OpenSIPS 3.1.0 > > I am following the OpenSIPS as Teams SBC guide and have added the TLS > config: > > modparam("tls_mgm","verify_cert", "1") > modparam("tls_mgm","require_cert", "1") > modparam("tls_mgm","tls_method", "TLSv1_2") > modparam("tls_mgm","certificate", "/usr/local/etc/opensips/tls/myCert.pem > ") > modparam("tls_mgm","private_key", "/usr/local/etc/opensips/tls/myKey.key") > modparam("tls_mgm", "ca_dir", "/etc/ssl/certs") > > But I am seeing a TLS domain error: > > Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name > Nov 13 14:36:50 [175314] Traceback (last included file at the bottom): > Nov 13 14:36:50 [175314] 0. /usr/local//etc/opensips/opensips.cfg > Nov 13 14:36:50 [175314] CRITICAL:core:yyerror: parse error in > /usr/local//etc/opensips/opensips.cfg:191:19-20: Parameter <verify_cert> > not found in module <tls_mgm> - can't set > Nov 13 14:36:50 [175314] #modparam("tls_mgm", "require_cert", "[dom4]1") > Nov 13 14:36:50 [175314] > Nov 13 14:36:50 [175314] modparam("tls_mgm","verify_cert", "1") > Nov 13 14:36:50 [175314] ^~ > Nov 13 14:36:50 [175314] modparam("tls_mgm","require_cert", "1") > Nov 13 14:36:50 [175314] modparam("tls_mgm","tls_method", "TLSv1_2") > Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: tls_mgm matches > module tls_mgm > Nov 13 14:36:50 [175314] DBG:core:set_mod_param_regex: found > <require_cert> in module tls_mgm [/usr/local/lib64/opensips/modules/] > Nov 13 14:36:50 [175314] ERROR:tls_mgm:split_param_val: No TLS domain name > > Can anyone tell me what I might be missing please? > > Many thanks > Mark. > > _______________________________________________ > Users mailing list > Users@lists.opensips.org > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > -- Mark Farmer farm...@gmail.com
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users