Hello,
if you run latest versions of web browsers, they become more restrictive on wss connection. Be sure that the cetificate is also trusted by the web browser.
You can go with the web browser to https://ipofkamailio:portforwss and see if you get any warnings there.
Cheers, Daniel
On 06/09/14 17:23, Manuel Camarg wrote:
I'm trying to implement WSS with Kamailio Thing is that WS works fine, I've followed: http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket
modparam("tls", "config", "webrtc/tls.cfg") In a tls.cfg file I have :
[server:default] method = SSLv23 verify_certificate = no require_certificate = no private_key = webrtc/private.key certificate = webrtc/ssl.pem ca_list = webrtc/ca_list.pem
In the log file:
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=5524 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f7513516958), fd_no=1 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:63300 http://123.123.123.123:63300 using TLSv1/SSLv3 AES256-SHA 256 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 http://124.124.124.124:10443 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=282 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f7513516958, FD 11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f7513516958, state -1, fd=11, id=2 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f7513510a88 /usr/local/sbin/kamailio[4029]: DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f7513516958, -1 from 1 /usr/local/sbin/kamailio[4029]: DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f7513510a88
In sipml5 the error:
/Disconnected: *Failed to connect to the server*/
In the Chrome console:
/*__tsip_transport_ws_onerror */ /*__tsip_transport_ws_onclose */ /* */ SSL certificates seem to be ok: # openssl verify -CAfile ca_list.pem ssl.pem ssl.pem: OK
Can't figure out a solution :( Any ideas?
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com mailto:sir.louen@gmail.com
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users