[SR-Users] Integration with multiple MS Teams instances
Володимир Іванець
volodyaivanets at gmail.com
Fri Jul 30 16:33:40 CEST 2021
Unfortunately, I faced a different problem after the
"tls_set_connect_server_id()" function was applied.
After Kamailio starts, second trunk is the first one to establish
connection:
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/parser/msg_parser.c:154]: get_hdr_field(): cseq <CSeq>: <10>
<OPTIONS>*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/parser/parse_hname2.c:294]: parse_sip_header_name(): parsed header
name [Call-ID] type 6*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tm [uac.c:189]:
uac_refresh_hdr_shortcuts(): cseq: [CSeq: 10]*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/tcp_main.c:1993]: tcp_send(): no open tcp connection found, opening
new one*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/ip_addr.c:577]: print_ip(): tcpconn_new: new tcp connection:
52.114.75.24*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/tcp_main.c:1175]: tcpconn_new(): on port 5061, type 3, socket -1*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/tcp_main.c:1498]: tcpconn_add(): hashes: 2831:67:0, 1*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_server.c:244]: tls_complete_init(): completing tls connection
initialization*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_server.c:207]: tls_get_connect_server_name(): xavp with outbound
server name not found*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_server.c:180]: tls_get_connect_server_id(): xavp with outbound server
id not found*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_server.c:184]: tls_get_connect_server_id(): found global outbound
server id: kamailio.domain2.com <http://kamailio.domain2.com>*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_domain.c:1583]: tls_lookup_cfg(): comparing addr: [172.16.30.206:5063
<http://172.16.30.206:5063>] [172.16.30.206:0 <http://172.16.30.206:0>] --
id: [kamailio.domain2.com <http://kamailio.domain2.com>]
[kamailio.domain2.com <http://kamailio.domain2.com>]*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_domain.c:1586]: tls_lookup_cfg(): TLS config found by server id*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_server.c:274]: tls_complete_init(): Using initial TLS domain
TLSc<172.16.30.206:5063 <http://172.16.30.206:5063>> (dom 0x7f2d2a5f17a0
ctx 0x7f2d2abebad8 sn [kamailio.domain2.com <http://kamailio.domain2.com>])*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_domain.c:1208]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7f2d2abebad8: (nil)*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tls
[tls_domain.c:778]: sr_ssl_ctx_info_callback(): SSL handshake started*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/tcp_main.c:2888]: tcpconn_1st_send(): pending write on new connection
0x7f2d2afb4680 sock 10 (-1/517 bytes written) (err: 11 - Resource
temporarily unavailable)*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tm [uac.c:686]:
send_prepared_request_impl(): uac: 0x7f2d2afb1420 branch: 0 to
52.114.75.24:5061 <http://52.114.75.24:5061>*
*# kamcmd core.tcp_list{ id: 1 type: TLS state:
CONN_OK timeout: 3 lifetime: 600 ref_count: 2
src_ip: 52.114.75.24 src_port: 5061 dst_ip: 172.16.30.206
dst_port: 0}{ id: 2 type: TLS state: CONN_OK
timeout: 3 lifetime: 600 ref_count: 2 src_ip:
52.114.75.24 src_port: 4290 dst_ip: 172.16.30.206
dst_port: 5063}{ id: 3 type: TLS state: CONN_OK
timeout: 566 lifetime: 600 ref_count: 1 src_ip:
52.114.75.24 src_port: 4291 dst_ip: 172.16.30.206
dst_port: 5063}*
Then Kamailio initiates connection for the first trunk:
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/parser/msg_parser.c:154]: get_hdr_field(): cseq <CSeq>: <10>
<OPTIONS>*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/parser/parse_hname2.c:294]: parse_sip_header_name(): parsed header
name [Call-ID] type 6*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tm [uac.c:189]:
uac_refresh_hdr_shortcuts(): cseq: [CSeq: 10]*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: <core>
[core/tcp_main.c:1610]: _tcpconn_find(): found connection by peer address
(id: 1)*
*Jul 29 21:25:22 kamailio /usr/sbin/kamailio[2645]: DEBUG: tm [uac.c:686]:
send_prepared_request_impl(): uac: 0x7f2d2afce198 branch: 0 to
52.114.75.24:5061 <http://52.114.75.24:5061>*
Although it has to connect from a different socket it sees an active
connection to the same address and uses it instead. It looks like it sends
SIP requests for both trunks through the single TLS connection.
Does anyone know how to make Kamailio create separate TLS connections from
different sockets for different trunks?
Thank you!
Regards, Volodymyr Ivanets
чт, 29 лип. 2021 о 19:48 Володимир Іванець <volodyaivanets at gmail.com> пише:
> Hello Rob!
>
> Yes, I'm using Letsencrypt while I'm testing. But I would like to be able
> to use different certificates with different sockets.
>
> I found this discussion https://github.com/kamailio/kamailio/issues/2413.
> Looks like I need to use "tls_set_connect_server_id()" instead of setting
> $xavp(tls=>server_name)" and "$xavp(tls[0]=>server_id)". Unfortunately I'm
> currently using Kamailio v5.4 on my test system and this function is not
> available. I will update Kamailio and give it another try. Then I will
> update everyone in the hope it will be useful for someone :)
>
> Thank you!
>
> Regards, Volodymyr Ivanets
>
> чт, 29 лип. 2021 о 19:07 Rob van den Bulk <rob.van.den.bulk at gmail.com>
> пише:
>
>> Hello, are u using letsencrypt?
>>
>> U can use a multi domain.
>>
>> Muti domain names in one certificate
>>
>> Outlook voor Android <https://aka.ms/AAb9ysg> downloaden
>> ------------------------------
>> *From:* sr-users <sr-users-bounces at lists.kamailio.org> on behalf of
>> Володимир Іванець <volodyaivanets at gmail.com>
>> *Sent:* Thursday, July 29, 2021 4:44:16 PM
>> *To:* Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
>> *Subject:* [SR-Users] Integration with multiple MS Teams instances
>>
>> Hello all!
>>
>> I was able to connect Kamailio with MS Teams and now trying to add one
>> more Teams instance. It looks like I have some misconfiguration or there is
>> a bug.
>>
>> My test server has 2 domain records pointing at it (kamailio.domain1.com
>> and kamailio.domain2.com). My tls.cfg configuration file looks like
>> this. As you can see the Default section is configured with a
>> kamailio.domain1.com sertificate:
>>
>> *[server:default]*
>> *method = TLSv1.0+*
>> *require_certificate = no*
>> *verify_certificate = no*
>> *private_key =
>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>> <http://kamailio.domain1.com/server/key.pem>*
>> *certificate =
>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>> <http://kamailio.domain1.com/server/cert.pem>*
>> *ca_list = /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>> <http://kamailio.domain1.com/CA/cert.pem>*
>>
>>
>> *[client:default]*
>> *method = TLSv1.0+*
>> *require_certificate = no*
>> *verify_certificate = no*
>> *private_key =
>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>> <http://kamailio.domain1.com/server/key.pem>*
>> *certificate =
>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>> <http://kamailio.domain1.com/server/cert.pem>*
>> *ca_list = /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>> <http://kamailio.domain1.com/CA/cert.pem>*
>>
>>
>>
>> *[server:172.16.30.206:5062 <http://172.16.30.206:5062>]*
>> *method = TLSv1.0+*
>> *require_certificate = no*
>> *verify_certificate = no*
>> *private_key =
>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>> <http://kamailio.domain1.com/server/key.pem>*
>> *certificate =
>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>> <http://kamailio.domain1.com/server/cert.pem>*
>> *ca_list = /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>> <http://kamailio.domain1.com/CA/cert.pem>*
>> *server_name = "kamailio.domain1.com <http://kamailio.domain1.com>"*
>> *server_id = "**"kamailio.domain1.com <http://kamailio.domain1.com>"*
>>
>>
>> *[client:172.16.30.206:5062 <http://172.16.30.206:5062>]*
>> *method = TLSv1.0+*
>> *require_certificate = no*
>> *verify_certificate = no*
>> *private_key =
>> /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>> <http://kamailio.domain1.com/server/key.pem>*
>> *certificate =
>> /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>> <http://kamailio.domain1.com/server/cert.pem>*
>> *ca_list = /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>> <http://kamailio.domain1.com/CA/cert.pem>*
>>
>>
>>
>> *[server:172.16.30.206:5063 <http://172.16.30.206:5063>]*
>> *method = TLSv1.0+*
>> *require_certificate = no*
>> *verify_certificate = no*
>> *private_key =
>> /var/kamailio/certificates/kamailio.domain2.com/server/key.pem
>> <http://kamailio.domain2.com/server/key.pem>*
>> *certificate =
>> /var/kamailio/certificates/kamailio.domain2.com/server/cert.pem
>> <http://kamailio.domain2.com/server/cert.pem>*
>> *ca_list = /var/kamailio/certificates/kamailio.domain2.com/CA/cert.pem
>> <http://kamailio.domain2.com/CA/cert.pem>*
>> *server_name = "kamailio.domain2.com <http://kamailio.domain2.com>"*
>>
>> *server_id = "**"kamailio.domain2.com <http://kamailio.domain2.com>"*
>>
>>
>> *[client:172.16.30.206:5063 <http://172.16.30.206:5063>]*
>> *method = TLSv1.0+*
>> *require_certificate = no*
>> *verify_certificate = no*
>> *private_key =
>> /var/kamailio/certificates/kamailio.domain2.com/server/key.pem
>> <http://kamailio.domain2.com/server/key.pem>*
>> *certificate =
>> /var/kamailio/certificates/kamailio.domain2.com/server/cert.pem
>> <http://kamailio.domain2.com/server/cert.pem>*
>> *ca_list = /var/kamailio/certificates/kamailio.domain2.com/CA/cert.pem
>> <http://kamailio.domain2.com/CA/cert.pem>*
>>
>>
>> The dispatcher configuration table looks like this:
>>
>>
>> +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+
>> | id | setid | destination | flags |
>> priority | attrs
>> | description |
>>
>> +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+
>> | 1 | 1 | sip:sip.pstnhub.microsoft.com;transport=tls | 0 |
>> 3 | socket=tls:172.16.30.206:5062;ping_from=sip:kamailio.domain1.com |
>> MS Teams 1 |
>> | 2 | 2 | sip:sip.pstnhub.microsoft.com;transport=tls | 0 |
>> 3 | socket=tls:172.16.30.206:5063;ping_from=sip:kamailio.domain2.com |
>> MS Teams 2 |
>>
>> +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+
>>
>>
>>
>> When Kamailio is started only connection with the first trunk is
>> established:
>>
>> *# kamcmd tls.list*
>> *{*
>> * id: 1*
>> * timeout: 0*
>> * src_ip: 52.114.75.24*
>> * src_port: 5061*
>> * dst_ip: 172.16.30.206*
>> * dst_port: 0*
>> * cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA
>> Enc=AESGCM(256) Mac=AEAD*
>> * ct_wq_size: 0*
>> * enc_rd_buf: 0*
>> * flags: 2*
>> * state: established*
>> *}*
>> *{*
>> * id: 2*
>> * timeout: 0*
>> * src_ip: 52.114.75.24*
>> * src_port: 7810*
>> * dst_ip: 172.16.30.206*
>> * dst_port: 5062*
>> * cipher: AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA
>> Enc=AESGCM(256) Mac=AEAD*
>> * ct_wq_size: 0*
>> * enc_rd_buf: 0*
>> * flags: 2*
>> * state: established*
>> *}*
>> *{*
>> * id: 3*
>> * timeout: 596*
>> * src_ip: 52.114.75.24*
>> * src_port: 7811*
>> * dst_ip: 172.16.30.206*
>> * dst_port: 5062*
>> * cipher: AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA
>> Enc=AESGCM(256) Mac=AEAD*
>> * ct_wq_size: 0*
>> * enc_rd_buf: 0*
>> * flags: 2*
>> * state: established*
>> *}*
>>
>>
>> Here is what I can see in Kamailio log file when it sends an OPTIONS
>> request to the second trunk. Kamailio uses Default tls configuration and MS
>> Teams don't accept it:
>>
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: ALERT: <script>: ==
>> TRACE. tm:local-request. fs is tls:172.16.30.206:5063
>> <http://172.16.30.206:5063>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tm
>> [uac.c:352]: t_run_local_req(): apply new updates without Via to sip msg*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/msg_translator.c:1796]: check_boundaries(): no multi-part body*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:610]: parse_msg(): SIP Request:*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:612]: parse_msg(): method: <OPTIONS>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:614]: parse_msg(): uri:
>> <sip:sip.pstnhub.microsoft.com
>> <http://sip.pstnhub.microsoft.com>;transport=tls>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:616]: parse_msg(): version: <SIP/2.0>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/parse_via.c:1303]: parse_via_param(): Found param type 232,
>> <branch> = <z9hG4bK169b.6411b4c3000000000000000000000000.0>; state=16*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/parse_via.c:2639]: parse_via(): end of header reached, state=5*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:498]: parse_headers(): Via found, flags=2*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:500]: parse_headers(): this is the first via*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/parse_addr_spec.c:864]: parse_addr_spec(): end of header
>> reached, state=10*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:171]: get_hdr_field(): <To> [47];
>> uri=[sip:sip.pstnhub.microsoft.com
>> <http://sip.pstnhub.microsoft.com>;transport=tls]*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:174]: get_hdr_field(): to body
>> (47)[<sip:sip.pstnhub.microsoft.com
>> <http://sip.pstnhub.microsoft.com>;transport=tls>^M*
>> *], to tag (0)[]*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:152]: get_hdr_field(): cseq <CSeq>: <10>
>> <OPTIONS>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:185]: get_hdr_field(): content_length=0*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:89]: get_hdr_field(): found end of header*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:610]: parse_msg(): SIP Request:*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:612]: parse_msg(): method: <OPTIONS>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:614]: parse_msg(): uri:
>> <sip:sip.pstnhub.microsoft.com
>> <http://sip.pstnhub.microsoft.com>;transport=tls>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:616]: parse_msg(): version: <SIP/2.0>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/parse_via.c:1303]: parse_via_param(): Found param type 232,
>> <branch> = <z9hG4bK169b.6411b4c3000000000000000000000000.0>; state=16*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/parse_via.c:2639]: parse_via(): end of header reached, state=5*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:498]: parse_headers(): Via found, flags=2*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:500]: parse_headers(): this is the first via*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/parse_addr_spec.c:864]: parse_addr_spec(): end of header
>> reached, state=10*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:171]: get_hdr_field(): <To> [47];
>> uri=[sip:sip.pstnhub.microsoft.com
>> <http://sip.pstnhub.microsoft.com>;transport=tls]*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:174]: get_hdr_field(): to body
>> (47)[<sip:sip.pstnhub.microsoft.com
>> <http://sip.pstnhub.microsoft.com>;transport=tls>^M*
>> *], to tag (0)[]*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/parser/msg_parser.c:152]: get_hdr_field(): cseq <CSeq>: <10>
>> <OPTIONS>*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tm
>> [uac.c:189]: uac_refresh_hdr_shortcuts(): cseq: [CSeq: 10]*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/tcp_main.c:1993]: tcp_send(): no open tcp connection found, opening
>> new one*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
>> 52.114.75.24*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/tcp_main.c:1175]: tcpconn_new(): on port 5061, type 3, socket -1*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: <core>
>> [core/tcp_main.c:1498]: tcpconn_add(): hashes: 2831:67:0, 1*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls
>> [tls_server.c:199]: tls_complete_init(): completing tls connection
>> initialization*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls
>> [tls_server.c:162]: tls_get_connect_server_name(): xavp with outbound
>> server name not found*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls
>> [tls_server.c:142]: tls_get_connect_server_id(): xavp with outbound server
>> id not found*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls
>> [tls_server.c:228]: tls_complete_init(): Using initial TLS domain
>> TLSc<default> (dom 0x7f35509da688 ctx 0x7f3550b7a568 sn [])*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls
>> [tls_domain.c:1177]: tls_lookup_private_key(): Private key lookup for
>> SSL_CTX-0x7f3550b7a568: (nil)*
>> *Jul 29 16:46:14 kamailio /usr/sbin/kamailio[11809]: DEBUG: tls
>> [tls_domain.c:747]: sr_ssl_ctx_info_callback(): SSL handshake started*
>> *...*
>>
>>
>> If I change the Default configuration to use kamailio.domain2.com
>> certificate, the second trunk will connect but the first one will fail.
>> I tried to set "$xavp(tls=>server_name)" and "$xavp(tls[0]=>server_id)"
>> variables to the event_route[tm:local-request] section but log still stated
>> that server Name and ID were not found.
>>
>> Can someone please point me in the right direction, how can I make
>> Kamailio use the correct certificates when establishing multiple TLS
>> connections?
>>
>> Thanks a lot!
>>
>> Regards, Volodymyr Ivanets
>> __________________________________________________________
>> Kamailio - Users Mailing List - Non Commercial Discussions
>> * sr-users at lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210730/c8a2f038/attachment.htm>
More information about the sr-users
mailing list