Hi!

Talking about "certificate" is too unspecific to understand your
configuration. Please say exactly "server certificate" or "client
certificate".

Usually, when using SIP over TLS, only the server uses a certificate.
This means the SIP proxy authenticates to the SIP client using its TLS
certificate (server certificate), and the SIP client authenticates to
the SIP proxy with digest authentication. This is basically the same as
when logging in to your e-banking website (web server: certificate, browser:
username+password).

To configure this, you have to:
- configure the SIP proxy with a "server certificate", the private key of this
  server certificate and the CA certificate.
- configure the SIP client with the CA certificate (to validate the
  server certificate)
- configure the SIP proxy (server domain) with:
  - require client certificate: no
  - verify_certificate: no

regards
klaus

On 22.02.2010 05:32, Hemanshu Patel wrote:
Dear friends,

For the last few days I have been working on Kamailio with TLS support. I
followed each and every step in the installation docs...created certificates
as well.

Then I started testing the server with TLS on using SIPP. First I didn't
add any certificate to SIPP, and registration wasn't happening...
When I added a certificate and key to SIPP....it started working fine....I
was able to test registrations successfully.

Then I started working with an open source soft phone supporting TLS
named Mumble. It supports. Now I hadn't added any certificate to Mumble.
In my settings of Kamailio I have set client_verify = 0 and
require_client_certificate = 0. So without a certificate as well I should be
able to authenticate myself successfully.

Instead it gives the following error in the Kamailio log:
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:print_ip:
tcpconn_new: new tcp connection to: 172.16.16.218
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_new: on
port 58125, type 3
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: entered: Creating a whole new ssl connection
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: looking up socket based TLS server domain
[172.16.16.218:5091]
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:tls_find_server_domain: socket based TLS server domain found
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: found socket based TLS server domain
[172.16.16.218:5091]
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: Setting in ACCEPT mode (server)
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_add:
hashes: 929, 1
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:handle_new_connect: new connection: 0x7fd6f4a58208 23 flags: 0002
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:send2child: to
tcp child 0 0(3296), 0x7fd6f4a58208
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:handle_io:
received n=8 con=0x7fd6f4a58208, fd=18
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_add:
io_watch_add(0x73a0a0, 18, 2, 0x7fd6f4a58208), fd_no=1
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:tls_update_fd:
New fd is 18
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: ERROR:core:tls_accept:
SSL_accept failed: SSL_ERROR_SSL
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_del:
io_watch_del (0x73a0a0, 18, -1, 0x10) fd_no=2 called
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn:
releasing con 0x7fd6f4a58208, state -2, fd=18, id=1
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn:
extra_data 0x7fd6f4a683a0
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:handle_tcp_child: reader response= 7fd6f4a58208, -2 from 0
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_destroy:
destroying connection 0x7fd6f4a58208, flags 0002
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_close:
closing SSL connection
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_update_fd:
New fd is 23
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_shutdown:
shutdown successful
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_clean: Cleanup function entered
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:print_ip:
tcpconn_new: new tcp connection to: 172.16.16.218
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_new: on
port 58126, type 3
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: entered: Creating a whole new ssl connection
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: looking up socket based TLS server domain
[172.16.16.218:5091]
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:tls_find_server_domain: socket based TLS server domain found
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: found socket based TLS server domain
[172.16.16.218:5091]
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_init: Setting in ACCEPT mode (server)
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_add:
hashes: 930, 2
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:handle_new_connect: new connection: 0x7fd6f4a58208 23 flags: 0002
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:send2child: to
tcp child 0 0(3296), 0x7fd6f4a58208
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:handle_io:
received n=8 con=0x7fd6f4a58208, fd=18
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_add:
io_watch_add(0x73a0a0, 18, 2, 0x7fd6f4a58208), fd_no=1
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:tls_update_fd:
New fd is 18
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: ERROR:core:tls_accept:
SSL_accept failed: SSL_ERROR_SSL
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_del:
io_watch_del (0x73a0a0, 18, -1, 0x10) fd_no=2 called
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn:
releasing con 0x7fd6f4a58208, state -2, fd=18, id=2
Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn:
extra_data 0x7fd6f4a683a0
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:handle_tcp_child: reader response= 7fd6f4a58208, -2 from 0
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_destroy:
destroying connection 0x7fd6f4a58208, flags 0002
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_close:
closing SSL connection
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_update_fd:
New fd is 23
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_shutdown:
shutdown successful
Feb 22 09:51:01 localhost ./sbin/kamailio[3300]:
DBG:core:tls_tcpconn_clean: Cleanup function entered
And in the Mumble soft phone log it gives me the following error:
[9:50 AM] Welcome to Mumble.
[9:50 AM] Server connection failed: Error during SSL handshake:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure.
[9:51 AM] Reconnecting.
[9:51 AM] Server connection failed: Error during SSL handshake:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure.
[9:51 AM] Reconnecting.
[9:51 AM] Server connection failed: Error during SSL handshake:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure.
[9:51 AM] Reconnecting.
[9:51 AM] Server connection failed: Error during SSL handshake:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure.
Can anyone suggest what could be the problem?

My server works great with SIPP with TLS....so I don't think there's any
config-related error and I have set client_require_certificate = 0, that's
for sure....

In a real-life scenario, hard or soft phones won't have certificates...so
they should be able to connect to the server and authenticate/authorize
themselves if the server has a valid certificate. But it's not happening. So I
need help from experienced guys....
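
A triage helper for debug logs in the format quoted in this thread, added here as an example and not part of either message or of Kamailio: it rejoins the mail-wrapped syslog records and attributes each `SSL_accept failed` line to the peer that opened the connection. The sample log is constructed (documentation addresses), and the correlation assumes the acceptor process logs the peer and connection pointer while the TCP child logs the same pointer in `handle_io` before `tls_accept`.

```python
import re
# Constructed sample in the post's log format; some records are wrapped as mailed.
SAMPLE = """\
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:print_ip:
tcpconn_new: new tcp connection to: 192.0.2.10
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_new: on
port 58125, type 3
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]:
DBG:core:handle_new_connect: new connection: 0x7f0000000010 23 flags: 0002
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:print_ip: tcpconn_new: new tcp connection to: 192.0.2.20
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_new: on port 40000, type 3
Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:handle_new_connect: new connection: 0x7f0000000020 24 flags: 0002
Feb 22 09:50:51 localhost ./sbin/kamailio[3297]: DBG:core:handle_io: received n=8 con=0x7f0000000020, fd=18
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:handle_io: received n=8 con=0x7f0000000010, fd=18
Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: ERROR:core:tls_accept:
SSL_accept failed: SSL_ERROR_SSL
"""

HEAD = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ \S*kamailio\[(\d+)\]: ?(.*)$")

def unwrap(text):
    """Rejoin wrapped syslog records into [timestamp, pid, message] lists."""
    records = []
    for line in text.splitlines():
        m = HEAD.match(line)
        if m:
            records.append([m.group(1), int(m.group(2)), m.group(3)])
        elif records and line.strip():  # continuation of the previous record
            records[-1][2] = (records[-1][2] + " " + line.strip()).strip()
    return records

def handshake_failures(text):
    """Assumes a child logs handle_io con=<ptr> before tls_accept for that ptr."""
    ip, peer, peer_of, current, out = {}, {}, {}, {}, []
    for ts, pid, msg in unwrap(text):
        if m := re.search(r"new tcp connection to: (\S+)", msg):
            ip[pid] = m.group(1)                      # acceptor saw a peer IP
        elif m := re.search(r"tcpconn_new: on port (\d+)", msg):
            peer[pid] = f"{ip.get(pid, '?')}:{m.group(1)}"
        elif m := re.search(r"handle_new_connect: new connection: (0x[0-9a-f]+)", msg):
            peer_of[m.group(1)] = peer.get(pid, "?")  # pointer -> peer
        elif m := re.search(r"handle_io: received .*con=(0x[0-9a-f]+)", msg):
            current[pid] = m.group(1)                 # child pid -> pointer
        elif m := re.search(r"tls_accept: SSL_accept failed: (\S+)", msg):
            out.append((ts, peer_of.get(current.get(pid), "?"), m.group(1)))
    return out

if __name__ == "__main__":
    print(handshake_failures(SAMPLE))
```

Because the error line itself carries no address, the connection pointer is what keeps a failure from being blamed on whichever peer connected most recently.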