[SR-Users] sip over tls is not working
Aft nix
aftnix at gmail.com
Wed Jul 11 20:45:12 CEST 2012
On Wed, Jul 11, 2012 at 9:37 PM, Peter Dunkley
<peter.dunkley at crocodile-rcs.com> wrote:
>
> Hi,
>
> WebSockets over TLS works which requires establishing a TLS connection and
> exchanging an HTTP request and response. It doesn't sound like this
> connection is even getting passed the TLS handshake part?
>
> Peter
>
Hi,
That was my first guess. I will run some tests with plain tcp socket
and post update.
cheers.
>
> On Wed, 2012-07-11 at 17:14 +0200, Klaus Darilion wrote:
>
> Maybe there were some changes fore websocket support which cause
> problems. Do plain TCP connections work?
>
> klaus
>
> On 11.07.2012 16:20, Aft nix wrote:
> > On Wed, Jul 11, 2012 at 6:56 PM, Klaus Darilion
> > <klaus.mailinglists at pernau.at> wrote:
> >> I just tested TLS with Kamailio 3.3.0 and Eyebeam and it works. Make
> >> sure to
> >> specify "ca_list" if intermediate certificates are used.
> >>
> >
> > I was working with master branch, not 3.3 branch.
> >
> >>
> >> regards
> >> Klaus
> >>
> >> On 09.07.2012 13:27, Aft nix wrote:
> >>>
> >>> Hi,
> >>>
> >>> I have enabled tls parameters as follows:
> >>>
> >>> in kamailio.cfg
> >>>
> >>> listen = tls:<IP>:<PORT>
> >>>
> >>> in tls.cfg
> >>>
> >>> [server:<IP>:<PORT>]
> >>> method = TLSv1
> >>> verify_certificate = no
> >>> require_certificate = no
> >>> private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key
> >>> certificate = /usr/local/etc/kamailio/
> kamailio-selfsigned.pem
> >>>
> >>> Now if i try to connect to this interface using openssl s_client, it
> >>> does connects,
> >>> but now server certificate is sent from kamailio.
> >>>
> >>> kamailio log shows this :
> >>>
> >>> <core> [ip_addr.c:247]: tcpconn_new: new tcp connection: <CLIENT
> >>> IP>
> >>> <core> [tcp_main.c:1089]: tcpconn_new: on port 40727, type 3
> >>> <core> [tcp_main.c:1400]: tcpconn_add: hashes: 2614:2652:2494, 2
> >>> <core> [io_wait.h:390]: DBG: io_watch_add(0x82535e0, 23, 2,
> >>> 0xb5701580), fd_no=11
> >>> <core> [io_wait.h:617]: DBG: io_watch_del (0x82535e0, 23, -1, 0x0)
> >>> fd_no=12 called
> >>> <core> [tcp_main.c:4296]: tcp: DBG: sending to child, events 1
> >>> <core> [tcp_main.c:3963]: WARNING: send2child: no free tcp
> >>> receiver,
> >>> connection passed to the least busy one (3289651)
> >>> <core> [tcp_main.c:3967]: selected tcp worker 0 0(8) for activity
> >>> on
> >>> [tls:<IP>:<PORT>], 0xb5701580
> >>> <core> [tcp_main.c:3576]: BUG: handle_ser_child: fd -1 for 0 (pid
> >>> 2491)
> >>>
> >>> I'm using kamailio from git. its updated to the latest.
> >>> Thanks in advance.
> >>>
> >>
> >
> >
> >
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> --
> Peter Dunkley
> Technical Director
> Crocodile RCS Ltd
--
-aft
More information about the sr-users
mailing list