Hello,
can you try to connect with openssl client tool and see if you get more hints in the output? Like:
openssl s_client -connect sipserver.com:5061 -tlsextdebug
Cheers, Daniel
On 19.05.20 21:35, Chirag Desai wrote:
Hi Daniel,
Thanks for the response. I'm sure I have everything set up correctly.
Here's what's in my tls.cfg:
[server:default] method = TLSv1.2+ verify_certificate = no require_certificate = no private_key = /etc/letsencrypt/live/sip.mydomain.com/privkey.pem http://sip.mydomain.com/privkey.pem certificate = /etc/letsencrypt/live/sip.mydomain.com/fullchain.pem http://sip.mydomain.com/fullchain.pem server_name = sip.mydomain.com http://sip.mydomain.com
Here's my kamailio.cfg
#!ifdef WITH_TLS # ----- tls params ----- modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") #!endif
If I run cat /etc/letsencrypt/live/sip.mydomain.com/privkey.pem http://sip.mydomain.com/privkey.pem I can see the contents of the file. The permissions for the certificates are quite liberal too, so there shouldn't be any issues there. Any other ideas?
Thanks so much for your help.