Hello,
can you try to connect with openssl client tool and see if you get more hints in the output? Like:
openssl s_client -connect sipserver.com:5061 -tlsextdebug
Cheers,
Daniel
Hi Daniel,
Thanks for the response. I'm sure I have everything set up correctly.
Here's what's in my tls.cfg:
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/sip.mydomain.com/privkey.pem
certificate = /etc/letsencrypt/live/sip.mydomain.com/fullchain.pem
server_name = sip.mydomain.com
Here's my kamailio.cfg
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")
#!endif
If I run cat /etc/letsencrypt/live/sip.mydomain.com/privkey.pem I can see the contents of the file. The permissions for the certificates are quite liberal too, so there shouldn't be any issues there. Any other ideas?
Thanks so much for your help.
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla