[Users] client could not get server certificate error

Pjothi pjothi at gmail.com
Tue Feb 7 13:55:58 CET 2006 

Dear all,

wen a sip client(minisip) tries to connect with OpenSER with TLS
enabled on both sides, I get the following error

ipMessageTransport: sendMessage: creating new socket
Creating new SSL_CTX
SSL connect: Error in system call.
Could not get server certificate
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!

regarding the certificates, using the scripts given in OpenSER, I
created a rootCA and with the same rootCA I created the following for server
and client

Server:
server-cert
server-privkey
server-calist

Client:
client-cert
client-privkey
client-calist

and loaded the sever certs in the server config file and the client
certs in the client config file.....

wat am I missing here, why is it not able to get the server
certificate ? I am posting the openser.cfg here. kindly guide me
thanks and regards,
Pjothi


____________________________________________________________


openser.cfg

# $Id: openser.cfg,v 1.5 2005/10/28 19:45:33 bogdan_iancu Exp $
#
# simple quick-start config script
#

# ----------- global configuration parameters ------------------------

debug=3            # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no     # (cmd line: -E)



/* Uncomment these lines to enter debugging mode

fork=no
log_stderror=yes

*/

check_via=no      # (cmd. line: -v)
dns=no          # (cmd. line: -r)
rev_dns=no      # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/openser_fifo"

#
# uncomment the following lines for TLS support
disable_tls = 0
listen = tls: 192.168.0.4:5061
tls_verify = 1
tls_require_certificate = 0
tls_method = SSLv23
tls_certificate = "/usr/local/etc/openser/user/user- cert.pem"
tls_private_key = "/usr/local/etc/openser/user/user- privkey.pem"
tls_ca_list = "/usr/local/etc/openser/user/user- calist.pem"
--------------------------------------------------------------------------------------------------------------

More information about the Users mailing list