Hi Kamal!
Are you familiar with SSL/TLS and certificates? With TLS the trust
between TLS server and TLS client is usually via a trusted certification
authority (CA). For example, if the intermediate proxy uses a
certificate which is issued by CA FOOBAR-XYZ, then you have to configure
Kamailio to accept certificates signed by FOOBAR-XYZ. This is done by
copying the public root certificate of FOOBAR-XYZ to the Kamailio server
and configuring Kamailio to use the FOOBAR-XYZ certificate as trusted CA.
Of course then you automatically also trust all other certificates
issued by FOOBAR-XYZ.
To configure the trusted CAs use:
http://kamailio.org/docs/modules/3.3.x/modules/tls.html#ca_list
You could also disable the certificate validation with:
http://kamailio.org/docs/modules/3.3.x/modules/tls.html#verify_certificate
But of course this reduces TLS benefits to encryption-only.
regards
Klaus
On 22.10.2012 13:53, Kamal Palei wrote:
Dear All
I have modified kamailio.cfg and compiled all the modules with TLS
enabled, and am able to bring up the kamailio proxy properly.
Kamailio proxy will receive the REGISTER message from endpoints in UDP,
and I want to send this REGISTER message to another intermediate proxy in
TLS. For this purpose, I have added a few lines in kamailio.cfg file as below.
I have created the certificates, private keys as explained by README
file in kamailio-3.1.5/modules/tls/ path.
if(is_method("REGISTER"))
{
    t_relay_to("tls:115.114.48.75:443");
    exit();
}
Looks like this is taking effect. When Kamailio receives REGISTER
message it is trying to do handshake with intermediate proxy.
I used wireshark to see the handshake messages.
1. From Kamailio proxy, a TCP SYNC message is going to intermediate proxy.
2. intermediate proxy sends SYNC + ACK
3. Kamailio sends CLIENT HELLO
4. intermediate proxy sends SERVER HELLO, CERTIFICATE and SERVER HELLO DONE
5. The Kamailio sends ALERT (Level: Fatal, Description: Unknown CA)
---> IS something going wrong here..............
6. Then Kamailio sends FIN + ACK
Can somebody please let me know why the certificate verification fails
(I get this log in console)?
How can I put a workaround to avoid certification verification failure?
Best Regards
kamal
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
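
The trust check Klaus describes, reproduced offline with the openssl command line as an added example (not part of the original thread and not Kamailio's own code). FOOBAR-XYZ is the CA name used in the mail; LOCAL-CA, proxy.example and all file names are constructed, and the intermediate proxy's real certificate is not involved.

```bash
#!/usr/bin/env bash
# Constructed offline demo: every CA, subject and file here is made up.
set -eu

# make_ca DIR NAME: create a self-signed root CA (NAME.key, NAME.pem) in DIR.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# issue_cert DIR CA CN: issue a server certificate for CN, signed by CA.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 2 -out "$1/$3.pem" 2>/dev/null
}

# check_peer CA_FILE CERT: the chain check a verifying TLS client performs.
check_peer() {
    if openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; then
        echo "trusted"
    else
        echo "unknown CA"   # issuer is not in CA_FILE, so the client aborts
    fi
}

# demo: verify the same server certificate before and after trusting its issuer.
demo() {
    work=$(mktemp -d)
    make_ca "$work" FOOBAR-XYZ      # issuer of the proxy's certificate
    make_ca "$work" LOCAL-CA        # the only CA the client trusts at first
    issue_cert "$work" FOOBAR-XYZ proxy.example
    before=$(check_peer "$work/LOCAL-CA.pem" "$work/proxy.example.pem")
    # The fix: append the issuer's public root certificate to the trusted bundle.
    cat "$work/LOCAL-CA.pem" "$work/FOOBAR-XYZ.pem" > "$work/ca_list.pem"
    after=$(check_peer "$work/ca_list.pem" "$work/proxy.example.pem")
    rm -rf "$work"
    echo "$before -> $after"
}

demo   # prints: unknown CA -> trusted
# Kamailio side, using the ca_list parameter linked above (placeholder path):
#   modparam("tls", "ca_list", "/path/to/ca_list.pem")
```

Only the public root certificate goes into the bundle; the CA's private key never leaves the CA.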