[SR-Users] please help to register sip phone to kamailio server via tls support.
peter_green lion
betergreen at live.com
Mon Sep 6 11:19:02 CEST 2010
> Date: Mon, 6 Sep 2010 10:26:38 +0200
> From: klaus.mailinglists at pernau.at
> To: betergreen at live.com
> CC: sr-users at lists.sip-router.org
> Subject: Re: [SR-Users] please help to register sip phone to kamailio server via tls support.
>
> > log in :tail -f /var/log/message:
> >
> > Sep 4 05:18:50 appliance /usr/local/sbin/kamailio[3117]: ERROR: tls
> > [tls_server.c:392]: SSL error:error:14094418:SSL
> > routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> >
> > in portgo : certificate validation failure.
>
> It is rather clear - your SIP client does not accept the proxy's
> certificate and thus terminates the TLS handshake with an "unknown ca"
> error.
>
> You have to configure your SIP client to accept the CA which has signed
> the proxy's certificate.
>
> regards
> klaus
Dear Klaus,
i have the same problem when add user-privkey.pem in SIP client, I use 3CX soft phone.
when i run command : kamctl tls userCERT user
openssl creates three file.
INFO: Private key is locate at /usr/local/etc/kamailio//tls/user/user-privkey.pem
INFO: Certificate is locate at /usr/local/etc/kamailio//tls/user/user-cert.pem
INFO: CA-List is locate at /usr/local/etc/kamailio//tls/user/user-calist.pem
i copy user-privkey.pem to PC which have SIP client. after that i change the name to root_cert_3CXphone.pem to add to 3CX soft phone.
but problem is the same.
Sep 6 08:59:33 appliance /usr/local/sbin/kamailio[4442]: ERROR: tls [tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Sep 6 08:59:34 appliance /usr/local/sbin/kamailio[4437]: ERROR: tls [tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Sep 6 08:59:34 appliance /usr/local/sbin/kamailio[4438]: ERROR: tls [tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Sep 6 08:59:34 appliance /usr/local/sbin/kamailio[4440]: ERROR: tls [tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Sep 6 08:59:34 appliance /usr/local/sbin/kamailio[4442]: ERROR: tls [tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
please tell me, if you know
thanks so much.
Peter Green
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20100906/4b1e564c/attachment-0001.htm>
More information about the sr-users
mailing list