I also see a lot of those errors in my log files but I attributed them to
simple connection issues with mobile clients instead of anything specific
to TLS.
My reasoning is that if a mobile UAC changes networks, moves out of range,
etc, then TCP connections to that previous IP:port combo will fail, leading
to the error messages in the logs. This shouldn't really affect performance
much since the UAC will re-register soon enough with its new network info.
After reading Daniel's response, I started to wonder if maybe my
assumptions are wrong.
However, I don't think any of Daniel's scenarios apply in my case.
>- requiring a tls method not supported (tlsv1, ...)
In my network this is not the case. Clients and kamailio support TLS 1.0
>- not having a common cypher
Hmmm, if both
client and kamailio use the same version of openSSL, and both
are configured to use TLS 1.0, this should not happen.
>- requiring certificate, but the other party not
providing one
Nope. I don't use client certificates in my setup
>- requiring a valid certificate, but the validation
fails
I'm using a valid certificate issued and signed by StartCom, so this
should
not be an issue either. But I have heard anecdotal evidence that StartCom's
certificates sometimes don't play well with Kamailio. Has anyone heard of
issues like these?
Peter
On Tue, Oct 7, 2014 at 9:01 AM, Daniel-Constantin Mierla <miconda(a)gmail.com>
wrote:
Hello,
the errors can be because of various reasons such as:
- requiring a tls method not supported (tlsv1, ...)
- not having a common cypher
- requiring certificate, but the other party not providing one
- requiring a valid certificate, but the validation fails
Try to run with debug=3 and see if you can spot further hints from the
debug messages.
Cheers,
Daniel
On 06/10/14 10:44, Petr.Wozniak(a)seznam.cz wrote:
Hello All,
I have installed kamailio with TLS module together with siremis on
server and all seems works fine except that sometimes appear in syslog
file the following errors:
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:289]:
tcp_read_data(): error reading: Connection timed out (110)
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:1281]: tcp_read_req():
ERROR: tcp_read_req: error reading
/usr/sbin/kamailio[3268]: ERROR: <core> [tcp_read.c:289]: tcp_read_data():
error reading: Connection reset by peer (104)
Some part of syslog please you find enclosed.
I don't know where I should search for the cause of these errors and how
to debug and remove them. I don't know if these errors are caused by
incorrect kamailio configuration or are caused on client's side.
Thank you for your opinions and help in advance
Regards,
Petr
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin
Mierlahttp://twitter.com/#!/miconda -
http://www.linkedin.com/in/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users