Hello,
the log messages below are DEBUG, not ERROR messages. If your server requires certificates, you should see on startup some lines like that:
/var/log/kamailio.log.2.gz:Mar 20 10:26:56 kam04 kamailio[22717]: INFO: tls [tls_domain.c:707]: set_verification(): TLSs<default>: Client MUST present valid certificate
/var/log/kamailio.log.2.gz:Mar 20 10:26:59 kam04 kamailio[22717]: INFO: tls [tls_domain.c:707]: set_verification(): TLSc<default>: Server MUST present valid certificate
If you are not seeing this log messages, your server has probably another cfg issue.
Cheers,
Henning
From: David Cunningham <dcunningham@voisonics.com>
Sent: Mittwoch, 22. März 2023 00:34
To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
Subject: [SR-Users] WebRTC "client did not present a certificate" error
Hello,
We have a Kamailio 5.2.7 server with WebRTC enabled. However, a WebRTC client at
https://tryit.jssip.net/ is unable to connect on either Chrome or Firefox. In the Kamailio log we see the lines below. In tls.cfg we have "verify_certificate = no" and "require_certificate = no" for both [server:default]
and [client:default]. Would anyone be able to help us with this?
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for SSL_CTX-0x14baf1cbb090: (nil)
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:741]: sr_ssl_ctx_info_callback(): SSL renegotiation initiated by client
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:741]: sr_ssl_ctx_info_callback(): SSL renegotiation initiated by client
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:424]: tls_accept(): TLS accept successful
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:431]: tls_accept(): tls_accept: new connection from xx.xx.xx.xx:39816 using TLSv1.3 TLS_AES_256_GCM_SHA384 256
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:434]: tls_accept(): tls_accept: local socket: yy.yy.yy.yy:8443
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:445]: tls_accept(): tls_accept: client did not present a certificate
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of connection (n:532) (0)
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/tcp_read.c:1527]: tcp_read_req(): EOF
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del (0x562ffde66d00, 17, -1, 0x10) fd_no=4 called
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x14baf4cc1ec8, state -1, fd=17, id=665 ([xx.xx.xx.xx]:39816 -> [xx.xx.xx.xx]:8443)
Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x14baf289ea30
Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: <core> [core/tcp_main.c:3320]: handle_tcp_child(): reader response= 14baf4cc1ec8, -1 from 1
Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: tls [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x14baf289ea30
Thanks very much,
--
David Cunningham, Voisonics Limited
http://voisonics.com/
USA: +1 213 221 1092
New Zealand: +64 (0)28 2558 3782