[SR-Users] dispatch REGISTER over TLS

Wed Nov 6 23:13:19 CET 2019

I believe you also need to use a force send socket

On Wed, 6 Nov 2019 at 19:48, Karsten Horsmann <khorsmann at gmail.com> wrote:

> Hi,
>
> the sips Uri schemata is not used for tls with dispatcher.
>
> Here an example for flatfile dispatcher.list (need corrected values).
>
> The socket line must match an listen directive in your Kamailio.cfg.
>
>
> root at sbc1:~# cat /etc/kamailio/dispatcher.list
> # setid(integer) destination(sip uri) flags (integer, optional),
> priority(int,opt), attrs (str,optional)
> 1007 sip:sip.pstnhub.microsoft.com;transport=tls 0 3
> socket=tls:212.xx.xx.xx:5061;ping_from=sip:sbc-d01.yourdomain
>
> Cheers
> Karsten
>
> sthustfo <sthustfo at gmail.com> schrieb am Mi., 6. Nov. 2019, 20:32:
>
>> I have a basic setup where kamailio receives SIP over websocket (no WSS)
>> and forwards to SIP server over TLS. I have enabled TLS in kamailio.cfg and
>> added dispatcher node as sips:SIP_SERVER:5061 and transport=tls.
>>
>>
>> +----+-------+------------------------+-------+----------+---------------+----------------+
>> | id | setid | destination            | flags | priority | attrs
>> | description    |
>>
>> +----+-------+------------------------+-------+----------+---------------+----------------+
>> |  4 |     1 | sips:10.0.0.100:5061 |     0 |        0 | transport=tls |
>> SIP SERVER |
>>
>> +----+-------+------------------------+-------+----------+---------------+----------------+
>>
>> Now when REGISTER is received over websocket, kamailio is responding with
>> error code 500 and phrase "500 I'm terribly sorry, server error occurred
>> (7/SL)". And on the console I see the following error messages.
>>
>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
>> [core/md5utils.c:67]: MD5StringArray(): MD5 calculated:
>> f1ecf7bcb659b07fe81e332e100044e5
>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm [ut.h:315]:
>> uri2dst2(): no corresponding socket found for "10.0.0.100" af 2 (tls:
>> 10.0.0.100:5061)
>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>> [t_fwd.c:467]: prepare_new_uac(): can't fwd to af 2, proto 3  (no
>> corresponding listening socket)
>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>> [t_fwd.c:1735]: t_forward_nonack(): failure to add branches
>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>> [t_funcs.c:334]: t_relay_to(): t_forward_nonack returned error -7 (-7)
>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>> [t_funcs.c:352]: t_relay_to(): -7 error reply generation delayed
>> 12(33858) exec: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} ***
>> cfgtrace:request_route=[RELAY] c=[/etc/kamailio/kamailio.cfg] l=587 a=24
>> n=sl_reply_error
>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
>> [core/msg_translator.c:162]: check_via_address(): (10.0.0.14,
>> hsvmphm3ps12.invalid, 0)
>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} websocket
>> [ws_conn.c:452]: wsconn_get(): wsconn_get for id [3]
>>
>> *tls.cfg contents*
>> [client:default]
>> method = TLSv1
>> verify_certificate = yes
>> require_certificate = yes
>> private_key = /home/test/kamailio/internal.key
>> certificate = /home/test/kamailio/internal.crt
>> ca_list = /home/test/kamailio/ca_list.pem
>>
>> Any reason why this error is seen? Any inputs appreciated.
>>
>> Thanks.
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-- 
Regards,

David Villasmil
email: david.villasmil.work at gmail.com
phone: +34669448337
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191106/0d40502a/attachment.html>