Hi Ihor,

 

Thank you for your reply, I’ve check the certificate on that web and it tells me that I may need to install an intermediate certificate. I’m not sure how to do that in Kamailio. Could you help me with that

 

Thank you again for your help, I’ll keep that web for the future I’m sure it’ll be usefull

 

 

 

De: Ihor Olkhovskyi via sr-users <sr-users@lists.kamailio.org>
Enviado el: jueves, 21 de diciembre de 2023 11:43
Para: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
CC: Ihor Olkhovskyi <igorolhovskiy@gmail.com>
Asunto: [SR-Users] Re: Errors with TLS

 

Samuel,

 

By chance, have you checked that your cert is valid with openssl or some online tools like https://www.sslshopper.com/ssl-checker.html ?

 

Le jeu. 21 déc. 2023 à 09:19, SAMUEL MOYA TINOCO via sr-users <sr-users@lists.kamailio.org> a écrit :

Hi everyone,

 

All my environment was working properly. But a few days ago I’ve started to have problems with my websocket connectios. Everytime I try to register my websocket Kamailio log this

 

Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1330]: tls_h_read_f(): protocol level error

Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_util.h:50]: tls_err_ret(): TLS accept:error:0A000416:SSL routines::sslv3 alert certificate unknown (sni: unknown)

Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1334]: tls_h_read_f(): src addr: IP_webclient:61423

Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1337]: tls_h_read_f(): dst addr: IP_Kamailio:8443

Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: <core> [core/tcp_read.c:1476]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: 0x7fbc423053b0 r: 0x7fbc423054d8 (-1)

 

My tls.cfg:

[server:default]

method = TLSv1.2+

verify_certificate = no

require_certificate = yes

private_key = /etc/kamailio/cert/clave_SSL.key

certificate = /etc/kamailio/cert/certificado.pem

 

Kamailio version:

root@prod-kamailio:/etc/kamailio# kamailio -v

version: kamailio 5.6.3 (x86_64/linux)

flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED

ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB

poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.

id: unknown

compiled with gcc 12.2.0

 

I don’t know why it stopped working. And I’m not sure what to do or what to check.

Has anyone faced this problem?

Any help would be appreciated

 

Thanks in advance

 

 

Samuel Moya Tinoco

Departamento de Sistemas y Redes

Móvil: (+34) 606985997

smoya@vivelibre.es

 

 

 

Soluciones inteligentes
para la autonomía personal

 

 

 

 

__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:



--

Best regards,

Ihor (Igor)