[SR-Users] dispatch REGISTER over TLS

Karsten Horsmann khorsmann at gmail.com
Wed Nov 6 20:46:54 CET 2019 

Hi,

the sips Uri schemata is not used for tls with dispatcher.

Here an example for flatfile dispatcher.list (need corrected values).

The socket line must match an listen directive in your Kamailio.cfg.


root at sbc1:~# cat /etc/kamailio/dispatcher.list
# setid(integer) destination(sip uri) flags (integer, optional),
priority(int,opt), attrs (str,optional)
1007 sip:sip.pstnhub.microsoft.com;transport=tls 0 3
socket=tls:212.xx.xx.xx:5061;ping_from=sip:sbc-d01.yourdomain

Cheers
Karsten

sthustfo <sthustfo at gmail.com> schrieb am Mi., 6. Nov. 2019, 20:32:

> I have a basic setup where kamailio receives SIP over websocket (no WSS)
> and forwards to SIP server over TLS. I have enabled TLS in kamailio.cfg and
> added dispatcher node as sips:SIP_SERVER:5061 and transport=tls.
>
>
> +----+-------+------------------------+-------+----------+---------------+----------------+
> | id | setid | destination            | flags | priority | attrs         |
> description    |
>
> +----+-------+------------------------+-------+----------+---------------+----------------+
> |  4 |     1 | sips:10.0.0.100:5061 |     0 |        0 | transport=tls |
> SIP SERVER |
>
> +----+-------+------------------------+-------+----------+---------------+----------------+
>
> Now when REGISTER is received over websocket, kamailio is responding with
> error code 500 and phrase "500 I'm terribly sorry, server error occurred
> (7/SL)". And on the console I see the following error messages.
>
> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
> [core/md5utils.c:67]: MD5StringArray(): MD5 calculated:
> f1ecf7bcb659b07fe81e332e100044e5
> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm [ut.h:315]:
> uri2dst2(): no corresponding socket found for "10.0.0.100" af 2 (tls:
> 10.0.0.100:5061)
> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
> [t_fwd.c:467]: prepare_new_uac(): can't fwd to af 2, proto 3  (no
> corresponding listening socket)
> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
> [t_fwd.c:1735]: t_forward_nonack(): failure to add branches
> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
> [t_funcs.c:334]: t_relay_to(): t_forward_nonack returned error -7 (-7)
> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
> [t_funcs.c:352]: t_relay_to(): -7 error reply generation delayed
> 12(33858) exec: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} ***
> cfgtrace:request_route=[RELAY] c=[/etc/kamailio/kamailio.cfg] l=587 a=24
> n=sl_reply_error
> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
> [core/msg_translator.c:162]: check_via_address(): (10.0.0.14,
> hsvmphm3ps12.invalid, 0)
> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} websocket
> [ws_conn.c:452]: wsconn_get(): wsconn_get for id [3]
>
> *tls.cfg contents*
> [client:default]
> method = TLSv1
> verify_certificate = yes
> require_certificate = yes
> private_key = /home/test/kamailio/internal.key
> certificate = /home/test/kamailio/internal.crt
> ca_list = /home/test/kamailio/ca_list.pem
>
> Any reason why this error is seen? Any inputs appreciated.
>
> Thanks.
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191106/a7a7bb77/attachment.html>

More information about the sr-users mailing list