I'm trying to implement WSS with Kamailio Thing is that WS works fine, I've followed: http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket
modparam("tls", "config", "webrtc/tls.cfg") In a tls.cfg file I have :
[server:default] method = SSLv23 verify_certificate = no require_certificate = no private_key = webrtc/private.key certificate = webrtc/ssl.pem ca_list = webrtc/ca_list.pem
In the log file:
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=5524 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f7513516958), fd_no=1 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:63300 using TLSv1/SSLv3 AES256-SHA 256 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=282 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f7513516958, FD 11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f7513516958, state -1, fd=11, id=2 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f7513510a88 /usr/local/sbin/kamailio[4029]: DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f7513516958, -1 from 1 /usr/local/sbin/kamailio[4029]: DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f7513510a88
In sipml5 the error:
*Disconnected: Failed to connect to the server*
In the Chrome console:
*__tsip_transport_ws_onerror * *__tsip_transport_ws_onclose *
SSL certificates seem to be ok: # openssl verify -CAfile ca_list.pem ssl.pem ssl.pem: OK
Can't figure out a solution :( Any ideas?
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com
Hello,
if you run latest versions of web browsers, they become more restrictive on wss connection. Be sure that the cetificate is also trusted by the web browser.
You can go with the web browser to https://ipofkamailio:portforwss and see if you get any warnings there.
Cheers, Daniel
On 06/09/14 17:23, Manuel Camarg wrote:
I'm trying to implement WSS with Kamailio Thing is that WS works fine, I've followed: http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket
modparam("tls", "config", "webrtc/tls.cfg") In a tls.cfg file I have :
[server:default] method = SSLv23 verify_certificate = no require_certificate = no private_key = webrtc/private.key certificate = webrtc/ssl.pem ca_list = webrtc/ca_list.pem
In the log file:
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=5524 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f7513516958), fd_no=1 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:63300 http://123.123.123.123:63300 using TLSv1/SSLv3 AES256-SHA 256 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 http://124.124.124.124:10443 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=282 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f7513516958, FD 11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f7513516958, state -1, fd=11, id=2 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f7513510a88 /usr/local/sbin/kamailio[4029]: DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f7513516958, -1 from 1 /usr/local/sbin/kamailio[4029]: DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f7513510a88
In sipml5 the error:
/Disconnected: *Failed to connect to the server*/
In the Chrome console:
/*__tsip_transport_ws_onerror */ /*__tsip_transport_ws_onclose */ /* */ SSL certificates seem to be ok: # openssl verify -CAfile ca_list.pem ssl.pem ssl.pem: OK
Can't figure out a solution :( Any ideas?
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com mailto:sir.louen@gmail.com
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hello Daniel:
Trying it, accessing via Browser here is the log, similarities with the access via SIPML5, no errors, no warnings (at least as far as I can see):
DEBUG: <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 123.123.123.123 DEBUG: <core> [tcp_main.c:1096]: tcpconn_new(): tcpconn_new: on port 58654, type 3 DEBUG: <core> [tcp_main.c:1408]: tcpconn_add(): tcpconn_add: hashes: 263:3337:1427, 5 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x89bda0, 34, 2, 0x7f72f4768638), fd_no=22 DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x89bda0, 34, -1, 0x0) fd_no=23 called DEBUG: <core> [tcp_main.c:4302]: handle_tcpconn_ev(): tcp: DBG: sending to child, events 1 DEBUG: <core> [tcp_main.c:3973]: send2child(): selected tcp worker 0 11(1700) for activity on [tls:124.124.124.124:10443], 0x7f72f4768638 DEBUG: <core> [tcp_read.c:1510]: handle_io(): received n=8 con=0x7f72f4768638, fd=11 DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=2060 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f72f4768638), fd_no=1 DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:58654 using TLSv1/SSLv3 AES256-SHA 256 DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=282 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f72f4768638, FD 11 DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f72f4768638, state -1, fd=11, id=5 DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f72f47915b0 DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f72f4768638, -1 from 0 DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f72f47915b0 DEBUG: <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 123.123.123.123 DEBUG: <core> [tcp_main.c:1096]: tcpconn_new(): tcpconn_new: on port 58656, type 3 DEBUG: <core> [tcp_main.c:1408]: tcpconn_add(): tcpconn_add: hashes: 313:3383:1453, 6 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x89bda0, 34, 2, 0x7f72f4768638), fd_no=22 DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x89bda0, 34, -1, 0x0) fd_no=23 called DEBUG: <core> [tcp_main.c:4302]: handle_tcpconn_ev(): tcp: DBG: sending to child, events 1 DEBUG: <core> [tcp_main.c:3973]: send2child(): selected tcp worker 1 12(1701) for activity on [tls:124.124.124.124:10443], 0x7f72f4768638 DEBUG: <core> [tcp_read.c:1510]: handle_io(): received n=8 con=0x7f72f4768638, fd=11 DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=2060 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f72f4768638), fd_no=1 DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:58656 using TLSv1/SSLv3 AES256-SHA 256 DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=282 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [parser/msg_parser.c:623]: parse_msg(): SIP Request: DEBUG: <core> [parser/msg_parser.c:625]: parse_msg(): method: <GET> DEBUG: <core> [parser/msg_parser.c:627]: parse_msg(): uri: </> DEBUG: <core> [parser/msg_parser.c:629]: parse_msg(): version: <HTTP/1.1> DEBUG: <core> [parser/msg_parser.c:106]: get_hdr_field(): found end of header DEBUG: <core> [receive.c:152]: receive_msg(): After parse_msg... DEBUG: xhttp [xhttp_mod.c:358]: xhttp_handler(): new fake msg created (425 bytes):#012<GET / HTTP/1.1#015#012Via: SIP/2.0/TLS 123.123.123.123:58656#015#012Host: domain.com:10443#015#012Connection: keep-alive#015#012Cache-Control: max-age=0#015#012Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8#015#012User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.103 Safari/537.36#015#012Accept-Encoding: gzip,deflate#015#012Accept-Language: es,en-GB;q=0.8,en;q=0.6,fr;q=0.4#015#012#015#012> DEBUG: <core> [parser/msg_parser.c:623]: parse_msg(): SIP Request: DEBUG: <core> [parser/msg_parser.c:625]: parse_msg(): method: <GET> DEBUG: <core> [parser/msg_parser.c:627]: parse_msg(): uri: </> DEBUG: <core> [parser/msg_parser.c:629]: parse_msg(): version: <HTTP/1.1> DEBUG: <core> [parser/parse_via.c:2672]: parse_via(): end of header reached, state=5 DEBUG: <core> [parser/msg_parser.c:513]: parse_headers(): parse_headers: Via found, flags=2 DEBUG: <core> [parser/msg_parser.c:515]: parse_headers(): parse_headers: this is the first via INFO: <script>: HTTP Request Received DEBUG: <core> [parser/msg_parser.c:106]: get_hdr_field(): found end of header DEBUG: sl [sl.c:288]: send_reply(): reply in stateless mode (sl) DEBUG: <core> [msg_translator.c:204]: check_via_address(): check_via_address( 123.123.123.123, 123.123.123.123, 0) DEBUG: <core> [tcp_main.c:2320]: tcpconn_send_put(): tcp_send: send from reader (1701 (12)), reusing fd DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=165 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#027#003#003 DEBUG: <core> [tcp_main.c:3624]: handle_ser_child(): handle_ser_child: read response= 7f72f4768638, -1, fd -1 from 12 (1701) DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f72f47915b0 DEBUG: <core> [usr_avp.c:644]: destroy_avp_list(): DEBUG:destroy_avp_list: destroying list (nil) message repeated 5 times: [ DEBUG: <core> [usr_avp.c:644]: destroy_avp_list(): DEBUG:destroy_avp_list: destroying list (nil)] DEBUG: <core> [xavp.c:448]: xavp_destroy_list(): destroying xavp list (nil) DEBUG: <core> [receive.c:296]: receive_msg(): receive_msg: cleaning up DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f72f4768638, state -2, fd=11, id=6 DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f72f47915b0 DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f72f4768638, -2 from 1
Regards and thanks for your time
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com https://twitter.com/SirLouen [image: Ver el perfil de Manuel Camargo Lominchar en LinkedIn] http://es.linkedin.com/in/louen
2014-09-08 14:57 GMT+02:00 Daniel-Constantin Mierla miconda@gmail.com:
Hello,
if you run latest versions of web browsers, they become more restrictive on wss connection. Be sure that the cetificate is also trusted by the web browser.
You can go with the web browser to https://ipofkamailio:portforwss and see if you get any warnings there.
Cheers, Daniel
On 06/09/14 17:23, Manuel Camarg wrote:
I'm trying to implement WSS with Kamailio Thing is that WS works fine, I've followed: http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket
modparam("tls", "config", "webrtc/tls.cfg") In a tls.cfg file I have :
[server:default] method = SSLv23 verify_certificate = no require_certificate = no private_key = webrtc/private.key certificate = webrtc/ssl.pem ca_list = webrtc/ca_list.pem
In the log file:
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=5524 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f7513516958), fd_no=1 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:63300 using TLSv1/SSLv3 AES256-SHA 256 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=282 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f7513516958, FD 11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f7513516958, state -1, fd=11, id=2 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f7513510a88 /usr/local/sbin/kamailio[4029]: DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f7513516958, -1 from 1 /usr/local/sbin/kamailio[4029]: DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f7513510a88
In sipml5 the error:
*Disconnected: Failed to connect to the server*
In the Chrome console:
*__tsip_transport_ws_onerror * *__tsip_transport_ws_onclose *
SSL certificates seem to be ok: # openssl verify -CAfile ca_list.pem ssl.pem ssl.pem: OK
Can't figure out a solution :( Any ideas?
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Next Kamailio Advanced Trainings 2014 - http://www.asipto.com Sep 22-25, Berlin, Germany
Hello,
from the logs you sent now, it appears that you have set_reply_close() in config, therefore the connection is closed after sending the reply.
Cheers, Daniel
On 08/09/14 20:10, Manuel Camarg wrote:
Hello Daniel:
Trying it, accessing via Browser here is the log, similarities with the access via SIPML5, no errors, no warnings (at least as far as I can see):
DEBUG: <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 123.123.123.123 DEBUG: <core> [tcp_main.c:1096]: tcpconn_new(): tcpconn_new: on port 58654, type 3 DEBUG: <core> [tcp_main.c:1408]: tcpconn_add(): tcpconn_add: hashes: 263:3337:1427, 5 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x89bda0, 34, 2, 0x7f72f4768638), fd_no=22 DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x89bda0, 34, -1, 0x0) fd_no=23 called DEBUG: <core> [tcp_main.c:4302]: handle_tcpconn_ev(): tcp: DBG: sending to child, events 1 DEBUG: <core> [tcp_main.c:3973]: send2child(): selected tcp worker 0 11(1700) for activity on [tls:124.124.124.124:10443 http://124.124.124.124:10443], 0x7f72f4768638 DEBUG: <core> [tcp_read.c:1510]: handle_io(): received n=8 con=0x7f72f4768638, fd=11 DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=2060 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f72f4768638), fd_no=1 DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:58654 http://123.123.123.123:58654 using TLSv1/SSLv3 AES256-SHA 256 DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 http://124.124.124.124:10443 DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=282 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f72f4768638, FD 11 DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f72f4768638, state -1, fd=11, id=5 DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f72f47915b0 DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f72f4768638, -1 from 0 DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f72f47915b0 DEBUG: <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 123.123.123.123 DEBUG: <core> [tcp_main.c:1096]: tcpconn_new(): tcpconn_new: on port 58656, type 3 DEBUG: <core> [tcp_main.c:1408]: tcpconn_add(): tcpconn_add: hashes: 313:3383:1453, 6 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x89bda0, 34, 2, 0x7f72f4768638), fd_no=22 DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x89bda0, 34, -1, 0x0) fd_no=23 called DEBUG: <core> [tcp_main.c:4302]: handle_tcpconn_ev(): tcp: DBG: sending to child, events 1 DEBUG: <core> [tcp_main.c:3973]: send2child(): selected tcp worker 1 12(1701) for activity on [tls:124.124.124.124:10443 http://124.124.124.124:10443], 0x7f72f4768638 DEBUG: <core> [tcp_read.c:1510]: handle_io(): received n=8 con=0x7f72f4768638, fd=11 DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=2060 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f72f4768638), fd_no=1 DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:58656 http://123.123.123.123:58656 using TLSv1/SSLv3 AES256-SHA 256 DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 http://124.124.124.124:10443 DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=282 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 DEBUG: <core> [parser/msg_parser.c:623]: parse_msg(): SIP Request: DEBUG: <core> [parser/msg_parser.c:625]: parse_msg(): method: <GET> DEBUG: <core> [parser/msg_parser.c:627]: parse_msg(): uri: </> DEBUG: <core> [parser/msg_parser.c:629]: parse_msg(): version: <HTTP/1.1> DEBUG: <core> [parser/msg_parser.c:106]: get_hdr_field(): found end of header DEBUG: <core> [receive.c:152]: receive_msg(): After parse_msg... DEBUG: xhttp [xhttp_mod.c:358]: xhttp_handler(): new fake msg created (425 bytes):#012<GET / HTTP/1.1#015#012Via: SIP/2.0/TLS 123.123.123.123:58656#015#012Host http://123.123.123.123:58656#015#012Host: domain.com:10443#015#012Connection http://domain.com:10443#015#012Connection: keep-alive#015#012Cache-Control: max-age=0#015#012Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8#015#012User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.103 Safari/537.36#015#012Accept-Encoding: gzip,deflate#015#012Accept-Language: es,en-GB;q=0.8,en;q=0.6,fr;q=0.4#015#012#015#012> DEBUG: <core> [parser/msg_parser.c:623]: parse_msg(): SIP Request: DEBUG: <core> [parser/msg_parser.c:625]: parse_msg(): method: <GET> DEBUG: <core> [parser/msg_parser.c:627]: parse_msg(): uri: </> DEBUG: <core> [parser/msg_parser.c:629]: parse_msg(): version: <HTTP/1.1> DEBUG: <core> [parser/parse_via.c:2672]: parse_via(): end of header reached, state=5 DEBUG: <core> [parser/msg_parser.c:513]: parse_headers(): parse_headers: Via found, flags=2 DEBUG: <core> [parser/msg_parser.c:515]: parse_headers(): parse_headers: this is the first via INFO: <script>: HTTP Request Received DEBUG: <core> [parser/msg_parser.c:106]: get_hdr_field(): found end of header DEBUG: sl [sl.c:288]: send_reply(): reply in stateless mode (sl) DEBUG: <core> [msg_translator.c:204]: check_via_address(): check_via_address( 123.123.123.123, 123.123.123.123, 0) DEBUG: <core> [tcp_main.c:2320]: tcpconn_send_put(): tcp_send: send from reader (1701 (12)), reusing fd DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f72f4768638 n=165 fd=11 DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#027#003#003 DEBUG: <core> [tcp_main.c:3624]: handle_ser_child(): handle_ser_child: read response= 7f72f4768638, -1, fd -1 from 12 (1701) DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f72f47915b0 DEBUG: <core> [usr_avp.c:644]: destroy_avp_list(): DEBUG:destroy_avp_list: destroying list (nil) message repeated 5 times: [ DEBUG: <core> [usr_avp.c:644]: destroy_avp_list(): DEBUG:destroy_avp_list: destroying list (nil)] DEBUG: <core> [xavp.c:448]: xavp_destroy_list(): destroying xavp list (nil) DEBUG: <core> [receive.c:296]: receive_msg(): receive_msg: cleaning up DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f72f4768638, state -2, fd=11, id=6 DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f72f47915b0 DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f72f4768638, -2 from 1
Regards and thanks for your time
*Manuel Camargo* Teléfono: 638000836 eMail: sir.louen@gmail.com mailto:sir.louen@gmail.com https://twitter.com/SirLouen Ver el perfil de Manuel Camargo Lominchar en LinkedIn http://es.linkedin.com/in/louen
2014-09-08 14:57 GMT+02:00 Daniel-Constantin Mierla <miconda@gmail.com mailto:miconda@gmail.com>:
Hello, if you run latest versions of web browsers, they become more restrictive on wss connection. Be sure that the cetificate is also trusted by the web browser. You can go with the web browser to https://ipofkamailio:portforwss and see if you get any warnings there. Cheers, Daniel On 06/09/14 17:23, Manuel Camarg wrote:I'm trying to implement WSS with Kamailio Thing is that WS works fine, I've followed: http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket modparam("tls", "config", "webrtc/tls.cfg") In a tls.cfg file I have : [server:default] method = SSLv23 verify_certificate = no require_certificate = no private_key = webrtc/private.key certificate = webrtc/ssl.pem ca_list = webrtc/ca_list.pem In the log file: /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default> /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake started /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=5524 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f7513516958), fd_no=1 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake done /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable renegotiation /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 123.123.123.123:63300 <http://123.123.123.123:63300> using TLSv1/SSLv3 AES256-SHA 256 /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 124.124.124.124:10443 <http://124.124.124.124:10443> /usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending... /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=282 fd=11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=#012#026#003#003 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f7513516958, FD 11 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF /usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f7513516958, state -1, fd=11, id=2 /usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1438]: release_tcpconn(): extra_data 0x7f7513510a88 /usr/local/sbin/kamailio[4029]: DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f7513516958, -1 from 1 /usr/local/sbin/kamailio[4029]: DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f7513510a88 In sipml5 the error: /Disconnected: *Failed to connect to the server*/ In the Chrome console: /*__tsip_transport_ws_onerror */ /*__tsip_transport_ws_onclose */ /* */ SSL certificates seem to be ok: # openssl verify -CAfile ca_list.pem ssl.pem ssl.pem: OK Can't figure out a solution :( Any ideas? *Manuel Camargo* Teléfono: 638000836 <tel:638000836> eMail: sir.louen@gmail.com <mailto:sir.louen@gmail.com> _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users-- Daniel-Constantin Mierla http://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> -http://www.linkedin.com/in/miconda Next Kamailio Advanced Trainings 2014 -http://www.asipto.com Sep 22-25, Berlin, Germany
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Manuel Camarg