Hi Ihor,

Thank you for your reply, I’ve check the certificate on that web and it tells me that I may need to install an intermediate certificate. I’m not sure how to do that in Kamailio. Could you help me with that

Thank you again for your help, I’ll keep that web for the future I’m sure it’ll be usefull

De: Ihor Olkhovskyi via sr-users sr-users@lists.kamailio.org Enviado el: jueves, 21 de diciembre de 2023 11:43 Para: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org CC: Ihor Olkhovskyi igorolhovskiy@gmail.com Asunto: [SR-Users] Re: Errors with TLS

Samuel,

By chance, have you checked that your cert is valid with openssl or some online tools like https://www.sslshopper.com/ssl-checker.htmlhttps://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.sslshopper.com%2fssl-checker.html&c=E,1,O0PBSaGAuYImVTm2bx5D_2qzZHxHrvcO32lJ2gXvzht-W7lkOrNQAbIV1ySXVqlJzPXx3S_wFwD1iY3oFLx2As8PeLv7V-6cESYebJbXfA,,&typo=1 ?

Le jeu. 21 déc. 2023 à 09:19, SAMUEL MOYA TINOCO via sr-users <sr-users@lists.kamailio.orgmailto:sr-users@lists.kamailio.org> a écrit : Hi everyone,

All my environment was working properly. But a few days ago I’ve started to have problems with my websocket connectios. Everytime I try to register my websocket Kamailio log this

Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1330]: tls_h_read_f(): protocol level error Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_util.h:50]: tls_err_ret(): TLS accept:error:0A000416:SSL routines::sslv3 alert certificate unknown (sni: unknown) Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1334]: tls_h_read_f(): src addr: IP_webclient:61423 Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1337]: tls_h_read_f(): dst addr: IP_Kamailio:8443 Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: <core> [core/tcp_read.c:1476]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: 0x7fbc423053b0 r: 0x7fbc423054d8 (-1)

My tls.cfg: [server:default] method = TLSv1.2+ verify_certificate = no require_certificate = yes private_key = /etc/kamailio/cert/clave_SSL.key certificate = /etc/kamailio/cert/certificado.pem

Kamailio version: root@prod-kamailio:/etc/kamailio# kamailio -v version: kamailio 5.6.3 (x86_64/linux) flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled with gcc 12.2.0

I don’t know why it stopped working. And I’m not sure what to do or what to check. Has anyone faced this problem? Any help would be appreciated

Thanks in advance

Samuel Moya Tinoco Departamento de Sistemas y Redes Móvil: (+34) 606985997 smoya@vivelibre.esmailto:smoya@vivelibre.es

[cid:image001.png@01DA341F.93495C60]

Soluciones inteligentes para la autonomía personal

__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave@lists.kamailio.orgmailto:sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:

-- Best regards, Ihor (Igor)