Hi Ihor,
Thank you for your reply, I’ve check the certificate on that web and it tells me that I may need to install an intermediate certificate. I’m not sure how to do that in Kamailio. Could
you help me with that
Thank you again for your help, I’ll keep that web for the future I’m sure it’ll be usefull
De: Ihor Olkhovskyi via sr-users <sr-users@lists.kamailio.org>
Enviado el: jueves, 21 de diciembre de 2023 11:43
Para: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>
CC: Ihor Olkhovskyi <igorolhovskiy@gmail.com>
Asunto: [SR-Users] Re: Errors with TLS
Samuel,
By chance, have you checked that your cert is valid with openssl or some online tools like
https://www.sslshopper.com/ssl-checker.html ?
Le jeu. 21 déc. 2023 à 09:19, SAMUEL MOYA TINOCO via sr-users <sr-users@lists.kamailio.org> a écrit :
Hi everyone,
All my environment was working properly. But a few days ago I’ve started to have problems with my websocket connectios. Everytime I try to register my websocket Kamailio log this
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1330]: tls_h_read_f(): protocol level error
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_util.h:50]: tls_err_ret(): TLS accept:error:0A000416:SSL routines::sslv3 alert certificate unknown (sni: unknown)
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1334]: tls_h_read_f(): src addr: IP_webclient:61423
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1337]: tls_h_read_f(): dst addr: IP_Kamailio:8443
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: <core> [core/tcp_read.c:1476]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: 0x7fbc423053b0 r: 0x7fbc423054d8 (-1)
My tls.cfg:
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = yes
private_key = /etc/kamailio/cert/clave_SSL.key
certificate = /etc/kamailio/cert/certificado.pem
Kamailio version:
root@prod-kamailio:/etc/kamailio# kamailio -v
version: kamailio 5.6.3 (x86_64/linux)
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled with gcc 12.2.0
I don’t know why it stopped working. And I’m not sure what to do or what to check.
Has anyone faced this problem?
Any help would be appreciated
Thanks in advance
Samuel Moya Tinoco
Departamento de Sistemas y Redes
Móvil: (+34) 606985997
Soluciones inteligentes
para la autonomía personal
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
--
Best regards,
Ihor (Igor)