Re: [OpenSIPS-Users] opensips-cli skipping module tls

Răzvan Crainea Wed, 27 Sep 2023 06:50:47 -0700

Can you actually check that the two (private key and certificate) match?
https://www.ibm.com/support/pages/how-verify-if-private-key-matches-certificate


Best regards,

Răzvan Crainea
OpenSIPS Core Developer / SIPhub CTO
http://www.opensips-solutions.com / https://www.siphub.com

On 9/26/23 19:54, L S wrote:

Thanks Razvan. Installing the cryptography module fixed it - I was ableto run both -x tls rootCA and userCERT, and create the certificates.


However, when I start Opensips, I get the following error:

ERROR:tls_wolfssl:load_private_key: key'/usr/local/etc/opensips/tls/server/privkey.pem' does not match thepublic key of the certificate

I tried creating the certificates both on Centos 7 and Ubuntu Focal, andthey both gave the same error.The data for the certificates comes from opensips-cli.cfg. I had createdcertificates with that cfg 3 months ago, and used in Opensips scriptwithout any issues.

  I only changed the domain name this time.

Any suggestions?
Thanks,
Matt

On Tue, Sep 26, 2023, 9:56 AM Răzvan Crainea <raz...@opensips.org<mailto:raz...@opensips.org>> wrote:


    Can you double check whether you have the python-openssl or
    python-cryptography libraries?

    Best regards,

    Răzvan Crainea
    OpenSIPS Core Developer / SIPhub CTO
    http://www.opensips-solutions.com
    <http://www.opensips-solutions.com> / https://www.siphub.com
    <https://www.siphub.com>

    On 9/26/23 16:38, L S wrote:
     > I'm trying to create certificates using opensips-cli:
     >
     > opensips-cli - f /usr/local/etc/opensips-cli.cfg -d -x tls rootCA
     > DEBUG: Skipping module 'tls' - excluded on purpose
     >
     > ERROR: No module 'tls' loaded
     >
     > Trying to find out why I am getting this message now - it used to
    work
     > fine. All other modules are loaded.
     >
     > Thaks,
     > Matt
     >
     > _______________________________________________
     > Users mailing list
     > Users@lists.opensips.org <mailto:Users@lists.opensips.org>
     > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
    <http://lists.opensips.org/cgi-bin/mailman/listinfo/users>

    _______________________________________________
    Users mailing list
    Users@lists.opensips.org <mailto:Users@lists.opensips.org>
    http://lists.opensips.org/cgi-bin/mailman/listinfo/users
    <http://lists.opensips.org/cgi-bin/mailman/listinfo/users>


_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] opensips-cli skipping module tls

Reply via email to