[SR-Users] TLS certificate verification failed
Daniel-Constantin Mierla
miconda at gmail.com
Wed Jul 1 16:56:34 CEST 2015
Hello,
On 25/06/15 15:06, Austin Einter wrote:
> Hi All
> I am having a sip client, I am using GNU tls for transport layer security.
>
> I am using Kamailio (TLS enabled) to test all the functionalities.
>
> I did registration over TLS. It was fine.
>
> I tried to make call.
> I was able to send INVITE.
> Kamaiio trying to connect to called party (which is again my sip
> endpoint).
> That time certificate verification failed.
>
>
> _*Error log*_
> /* 8(14180) ERROR: tls [tls_server.c:1193]: tls_read_f(): TLS
> write:error:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed
> 8(14180) ERROR: <core> [tcp_read.c:1326]: tcp_read_req(): ERROR:
> tcp_read_req: error reading
> 8(14180) DEBUG: <core> [tcp_read.c:1481]: release_tcpconn():
> releasing con 0x7f962f6b6db8, state -2, fd=5, id=3*/
>
> How do I debug and fix this issue.
>
> Can somebody help me out.
you can disable certificate verification in the tls.cfg inside the
[client:default] section.
Otherwise, the CA list must include the certificate of the CA that
signed the certificate of the client.
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20150701/32219477/attachment.html>
More information about the sr-users
mailing list