[SR-Users] WSS configuration sample needed
Daniel-Constantin Mierla
miconda at gmail.com
Mon May 9 14:33:45 CEST 2016
Hello,
do you have config modparam set for tls? Like:
modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")
Or are those all your parameters for tls module?
Cheers,
Daniel
On 09/05/16 14:05, Sunil More wrote:
> Hello Daniel,
>
> I am using this ..
> loadmodule "tls.so" modparam("tls", "tls_method", "TLSv1")
> modparam("tls", "certificate", "/usr/local/kamailio/etc/kamailio/cc_kamailio/my_cert.net.crt")
> modparam("tls", "private_key", "/usr/local/kamailio/etc/kamailio/cc_kamailio/my_key.net.key")
> modparam("tls", "verify_certificate", 0)
> modparam("tls", "require_certificate", 0)
>
> Thanking You,
> Sunil More
> Ph : 9503338275
>
> On Mon, May 9, 2016 at 5:32 PM, Daniel-Constantin Mierla
> <miconda at gmail.com <mailto:miconda at gmail.com>> wrote:
>
> Hello,
>
> look at your tls.cfg file (or modparams for tls module) and change
> the setting for requiring tls certificate for clients.
>
> Cheers,
> Daniel
>
>
> On 09/05/16 13:44, Sunil More wrote:
>> Hello All,
>>
>> I am trying to connect Kamailio over WSS and the error I get is
>> "tls_accept: client did not present a certificate" . It works
>> fine for WS, however Please guide me to connect over WSS.
>>
>> the following are the logs i See..
>>
>> DEBUG: tls [tls_domain.c:703]: sr_ssl_ctx_info_callback(): SSL
>> handshake started
>>
>> DEBUG: <core> [tcp_main.c:2430]: tcpconn_do_send(): sending...
>>
>> ay 9 11:07:01 P172 /usr/local/kamailio/sbin/kamailio[32025]:
>> DEBUG: tls [tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL
>> handshake done
>>
>> May 9 11:07:01 P172 /usr/local/kamailio/sbin/kamailio[32025]:
>> DEBUG: tls [tls_domain.c:718]: sr_ssl_ctx_info_callback(): SSL
>> disable renegotiation
>>
>> May 9 11:07:01 P172 /usr/local/kamailio/sbin/kamailio[32025]:
>> DEBUG: tls [tls_server.c:411]: tls_accept(): TLS accept successful
>>
>> May 9 11:07:01 P172 /usr/local/kamailio/sbin/kamailio[32025]:
>> DEBUG: tls [tls_server.c:418]: tls_accept(): tls_accept: new
>> connection from sunilmore.in:49703 <http://sunilmore.in:49703>
>> using TLSv1/SSLv3 AES256-SHA 256
>>
>> May 9 11:07:01 P172 /usr/local/kamailio/sbin/kamailio[32025]:
>> DEBUG: tls [tls_server.c:421]: tls_accept(): tls_accept: local
>> socket:sunilmore.in:10082 <http://sunilmore.in:10082>
>>
>> May 9 11:07:01 P172 /usr/local/kamailio/sbin/kamailio[32025]:
>> DEBUG: tls [tls_server.c:432]: tls_accept(): tls_accept: client
>> did not present a certificate
>>
>> And the websocket closes. Please help.
>>
>>
>>
>>
>> Thanking You,
>> Sunil More
>> Ph : 9503338275
>>
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org <mailto:sr-users at lists.sip-router.org>
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
> --
> Daniel-Constantin Mierla
> http://www.asipto.com
> http://twitter.com/#!/miconda <http://twitter.com/#%21/miconda> - http://www.linkedin.com/in/miconda
> Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
> list
> sr-users at lists.sip-router.org <mailto:sr-users at lists.sip-router.org>
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
--
Daniel-Constantin Mierla
http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, Berlin, May 18-20, 2016 - http://www.kamailioworld.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20160509/0f349757/attachment.html>
More information about the sr-users
mailing list