[SR-Users] Strange TLS issue
Daniel-Constantin Mierla
miconda at gmail.com
Tue Mar 12 09:46:53 CET 2013
Hello,
try to set the method to sslv23:
http://kamailio.org/docs/modules/stable/modules/tls.html#tls_method
Cheers,
Daniel
On 3/12/13 9:36 AM, Jirka Jirout wrote:
> Hello,
>
> I have enabled re-negotiation, which does not do too much good I am afraid. However, the connection attempts do get thru to kamailio now, although I am afraid it does not help either.
>
> Mar 12 09:16:23 crypto2 /usr/sbin/kamailio[404]: ERROR: tls [tls_server.c:1190]: TLS accept:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message
> Mar 12 09:16:23 crypto2 /usr/sbin/kamailio[404]: ERROR: <core> [tcp_read.c:1127]: ERROR: tcp_read_req: error reading
>
> I went thru our client code and it does the following:
>
> SSL_CTX_new(SSLv23_client_method()) or SSL_CTX_new(SSLv23_server_method())))
>
> SSL_CTX_set_mode(transport->tls.ctx_client, SSL_MODE_AUTO_RETRY)
> SSL_CTX_set_mode(transport->tls.ctx_server, SSL_MODE_AUTO_RETRY)
> SSL_CTX_set_verify(transport->tls.ctx, SSL_VERIFY_NONE, null)
>
> SSL_CTX_set_cipher_list(transport->tls.ctx, "AES256-SHA")
>
> SSL_new(ssl_ctx)
> SSL_set_fd(ssl, fd)
>
> SSL_connect(ssl)
>
> and then of course SSL_write() and SSL_read()
>
> regards, jj
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, April 16-17, 2013, Berlin
- http://conference.kamailio.com -
More information about the sr-users
mailing list