Hi Guys, After enabling TLS i am getting following error in Kamailio 5.1
/usr/sbin/kamailio[2214]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_cert:error:20074002:BIO routines:file_ctrl:system lib /usr/sbin/kamailio[2214]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_cert:error:140DC002:SSL routines:use_certificate_chain_file:system lib /usr/sbin/kamailio[2214]: ERROR: <core> [core/sr_module.c:940]: init_mod_child(): error while initializing module tls (/usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so) (idx: 0 rank: -127 desc: [main])
My tls.conf is as follows:
[server:default] method = TLSv1+ verify_certificate = no require_certificate = no private_key = /etc/kamailio/keys/my.key.pem certificate = /etc/kamailio/keys/my.crt.pem #ca_list = /etc/kamailio/tls/cacert.pem #crl = /etc/kamailio/tls/crl.pem
# This is the default client domain, settings # in this domain will be used for all outgoing # TLS connections that do not match any other # client domain in this configuration file. # We require that servers present valid certificate. # [client:default] #method = TLSv1 verify_certificate = yes require_certificate = yes
Please hep me to understand and fix the issue.
Looks as TLS module loaded after other module with encryption support (db_postgres as example). Need load tls module by first step, may be before any other.
пн, 4 мар. 2019 г. в 14:57, Adesh Pandey adesh.pandey@myoperator.co:
Hi Guys, After enabling TLS i am getting following error in Kamailio 5.1
/usr/sbin/kamailio[2214]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_cert:error:20074002:BIO routines:file_ctrl:system lib /usr/sbin/kamailio[2214]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_cert:error:140DC002:SSL routines:use_certificate_chain_file:system lib /usr/sbin/kamailio[2214]: ERROR: <core> [core/sr_module.c:940]: init_mod_child(): error while initializing module tls (/usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so) (idx: 0 rank: -127 desc: [main])
My tls.conf is as follows:
[server:default] method = TLSv1+ verify_certificate = no require_certificate = no private_key = /etc/kamailio/keys/my.key.pem certificate = /etc/kamailio/keys/my.crt.pem #ca_list = /etc/kamailio/tls/cacert.pem #crl = /etc/kamailio/tls/crl.pem
# This is the default client domain, settings # in this domain will be used for all outgoing # TLS connections that do not match any other # client domain in this configuration file. # We require that servers present valid certificate. # [client:default] #method = TLSv1 verify_certificate = yes require_certificate = yes
Please hep me to understand and fix the issue. _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Thanks, kamailio was not loading keys from the location other than /etc/kamailio, I saved in the /etc/kamailio, it is working fine now.
On Mon, Mar 4, 2019 at 5:50 PM Sergey Safarov s.safarov@gmail.com wrote:
Looks as TLS module loaded after other module with encryption support (db_postgres as example). Need load tls module by first step, may be before any other.
пн, 4 мар. 2019 г. в 14:57, Adesh Pandey adesh.pandey@myoperator.co:
Hi Guys, After enabling TLS i am getting following error in Kamailio 5.1
/usr/sbin/kamailio[2214]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_cert:error:20074002:BIO routines:file_ctrl:system lib /usr/sbin/kamailio[2214]: ERROR: tls [tls_util.h:42]: tls_err_ret(): load_cert:error:140DC002:SSL routines:use_certificate_chain_file:system lib /usr/sbin/kamailio[2214]: ERROR: <core> [core/sr_module.c:940]: init_mod_child(): error while initializing module tls (/usr/lib/x86_64-linux-gnu/kamailio/modules/tls.so) (idx: 0 rank: -127 desc: [main])
My tls.conf is as follows:
[server:default] method = TLSv1+ verify_certificate = no require_certificate = no private_key = /etc/kamailio/keys/my.key.pem certificate = /etc/kamailio/keys/my.crt.pem #ca_list = /etc/kamailio/tls/cacert.pem #crl = /etc/kamailio/tls/crl.pem
# This is the default client domain, settings # in this domain will be used for all outgoing # TLS connections that do not match any other # client domain in this configuration file. # We require that servers present valid certificate. # [client:default] #method = TLSv1 verify_certificate = yes require_certificate = yes
Please hep me to understand and fix the issue. _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-
Adesh Pandey -
Sergey Safarov