[SR-Users] TLS websocket problem

Wed Mar 19 13:26:44 CET 2014

Hi List,

Any suggestions on why I am getting the following issues.

I can get a successful tls connection when I connect with http

Tested by having this in kamailio.cfg

event_route[xhttp:request] {
    set_reply_close();
    set_reply_no_connect();

    xhttp_reply("200", "OK", "text/html","<html><body>Received HTTP request to $hu from [$si:$sp] with protocol $proto</body></html>");
    xlog("L_INFO", "HTTP Request Received\n");

    ......

Going to https://10.1.2.3:6443 gives this 
Received HTTP request to / from [10.1.1.1:58179] with protocol tls

This seems ok so far.

However problems are encounter when trying to connect by WSS.
It appears to not accept wss connections.
Any ideas please

JSSIP settings

var configuration = {
        'ws_servers': 'wss://10.1.2.3:6443/ws',
        'uri': 'sip:webrtc at 10.1.2.3',                 
        'stun_servers': '10.1.2.3',
        'turn_servers': null,
        'register': true,
        'password': 'webrtc'

	......

Browser Console log

JsSIP | UA | configuration parameters after validation: jssip-0.3.0.min.js:11
· via_host: "m3lmqpohnnin.invalid" jssip-0.3.0.min.js:11
· password: "webrtc" jssip-0.3.0.min.js:11
· register_expires: 600 jssip-0.3.0.min.js:11
· register_min_expires: 120 jssip-0.3.0.min.js:11
· register: true jssip-0.3.0.min.js:11
· registrar_server: sip:10.1.2.3 jssip-0.3.0.min.js:11
· ws_server_max_reconnection: 3 jssip-0.3.0.min.js:11
· ws_server_reconnection_timeout: 4 jssip-0.3.0.min.js:11
· connection_recovery_min_interval: 2 jssip-0.3.0.min.js:11
· connection_recovery_max_interval: 30 jssip-0.3.0.min.js:11
· use_preloaded_route: false jssip-0.3.0.min.js:11
· no_answer_timeout: 60000 jssip-0.3.0.min.js:11
· stun_servers: ["stun:10.1.2.3"] jssip-0.3.0.min.js:11
· turn_servers: [] jssip-0.3.0.min.js:11
· trace_sip: false jssip-0.3.0.min.js:11
· hack_via_tcp: false jssip-0.3.0.min.js:11
· hack_ip_in_contact: false jssip-0.3.0.min.js:11
· uri: sip:webrtc at 10.1.2.3 jssip-0.3.0.min.js:11
· ws_servers: [{"ws_uri":"wss://10.1.2.3:6443/ws","sip_uri":"<sip:10.1.2.3:6443;transport=ws;lr>","weight":0,"status":0,"scheme":"WSS"}] jssip-0.3.0.min.js:11
· instance_id: "5d2898f4-af42-41cf-865b-848d2ba9a3f2" jssip-0.3.0.min.js:11
· jssip_id: "fagpa" jssip-0.3.0.min.js:11
· hostport_params: "10.1.2.3" jssip-0.3.0.min.js:11
· authorization_user: "webrtc" jssip-0.3.0.min.js:11
JsSIP | EVENT EMITTER | adding event newMessage jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event newRTCSession jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event registrationFailed jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event unregistered jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event registered jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event disconnected jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event connected jssip-0.3.0.min.js:9
JsSIP | UA | user requested startup... jssip-0.3.0.min.js:10
JsSIP | TRANSPORT | connecting to WebSocket wss:/10.1.2.3:6443/ws jssip-0.3.0.min.js:9
s {cache: Object, configuration: Object, dialogs: Object, registrator: null, applicants: Object…}
 call.html:62
JsSIP | EVENT EMITTER | new listener added to event registered jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | new listener added to event registrationFailed jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | new listener added to event newRTCSession jssip-0.3.0.min.js:9
JsSIP | TRANSPORT | WebSocket connection error: [object Event] jssip-0.3.0.min.js:9
JsSIP | TRANSPORT | WebSocket disconnected (code: 1006) jssip-0.3.0.min.js:9
JsSIP | TRANSPORT | WebSocket abrupt disconnection jssip-0.3.0.min.js:9
JsSIP | UA | transport wss://10.1.2.3:6443/ws failed | connection state set to 2 jssip-0.3.0.min.js:11
JsSIP | EVENT EMITTER | emitting event disconnected jssip-0.3.0.min.js:9
JsSIP | UA | next connection attempt in 2 seconds 

Kamailio

[server:default]
method = TLSv1
verify_certificate = no
require_certificate = no
private_key = /usr/local/etc/kamailio/kamailio-selfsigned.key
certificate = /usr/local/etc/kamailio/kamailio-selfsigned.pem

DEBUG: <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 10.1.1.1
14(17989) DEBUG: <core> [tcp_main.c:1096]: tcpconn_new(): tcpconn_new: on port 50261, type 3
14(17989) DEBUG: <core> [tcp_main.c:1408]: tcpconn_add(): tcpconn_add: hashes: 1825:534:2831, 39
14(17989) DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x89af40, 25, 2, 0x7f42527a75b8), fd_no=19
14(17989) DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x89af40, 25, -1, 0x0) fd_no=20 called
14(17989) DEBUG: <core> [tcp_main.c:4302]: handle_tcpconn_ev(): tcp: DBG: sending to child, events 1
14(17989) DEBUG: <core> [tcp_main.c:3973]: send2child(): selected tcp worker 2 12(17987) for activity on [tls:10.1.2.3:6443], 0x7f42527a75b8
12(17987) DEBUG: <core> [tcp_read.c:1510]: handle_io(): received n=8 con=0x7f42527a75b8, fd=5
12(17987) DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domain TLSs<default>
12(17987) DEBUG: tls [tls_domain.c:609]: sr_ssl_ctx_info_callback(): SSL handshake started
12(17987) DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending...
12(17987) DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f42527a75b8 n=1099 fd=5
12(17987) DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=

12(17987) DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8df1e0, 5, 2, 0x7f42527a75b8), fd_no=1
12(17987) DEBUG: tls [tls_domain.c:621]: sr_ssl_ctx_info_callback(): SSL handshake done
12(17987) DEBUG: tls [tls_domain.c:624]: sr_ssl_ctx_info_callback(): SSL disable renegotiation
12(17987) DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful
12(17987) DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connection from 10.1.1.1:50261 using TLSv1/SSLv3 AES256-SHA 256
12(17987) DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local socket: 10.1.2.3:6443
12(17987) DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did not present a certificate
12(17987) DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending...
12(17987) DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real write: c= 0x7f42527a75b8 n=250 fd=5
12(17987) DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=

12(17987) DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f42527a75b8, FD 5
12(17987) DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF
12(17987) DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8df1e0, 5, -1, 0x10) fd_no=2 called
12(17987) DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0x7f42527a75b8, state -1, fd=5, id=39
12(17987) DEBUG: <core> [tcp_read.c:1438]: release_tcpconn():  extra_data 0x7f4252793e90
14(17989) DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child: reader response= 7f42527a75b8, -1 from 2 
14(17989) DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connection 0x7f4252793e90