Hi All
My UA cant connect to tls on my openser server, as per logs everything seems fine ..I don't know why it disconnects in the end ..the log is http://java.pastebin.ca/948774
My TLS settings are
/* uncomment the following lines to enable TLS support (default off) */
#disable_tls = yes
disable_tls = no
listen = tls:xx.xx.x.xx.x
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
#tls_certificate = "/usr/local/eyeball/license/cert.pem"
#tls_private_key = "/usr/local/eyeball/license/privkey.pem"
#tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#port=5060
/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all available) */
listen=udp:87.236.144.13:5060
#listen=tcp:87.236.144.12:5060
sip_warning=yes
Hi Ali,
The REGISTER gets to the server and it is processed by the routing script - your script tries to relay the request to another destination: Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
I would say the problem is on the cfg script and not in TLS part.
Regards, Bogdan
Ali Jawad wrote:
Hi All
My UA cant connect to tls on my openser server, as per logs everything seems fine ..I don’t know why it disconnects in the end ..the log is http://java.pastebin.ca/948774
My TLS settings are
/* uncomment the following lines to enable TLS support (default off) */
#disable_tls = yes
disable_tls = no
listen = tls:xx.xx.x.xx.x
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
#tls_certificate = "/usr/local/eyeball/license/cert.pem"
#tls_private_key = "/usr/local/eyeball/license/privkey.pem"
#tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#port=5060
/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all available) */
listen=udp:87.236.144.13:5060
#listen=tcp:87.236.144.12:5060
sip_warning=yes
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Hi Bodgan Thank you for your help
I had the following "now commented" statement in route[1]
route[1] {
xlog("L_INFO","rewritehostport to VOIP_GW:5060"); ## Removed On 1.36 25 03 08 ## sethostport("xx.xx.xx.xx:5060");
if (subst_uri('/(sip:.*);nat=yes/\1/')){ setbflag(6); };
if (isflagset(5)||isbflagset(6)) { route(3); }
if (!t_relay()) { sl_reply_error(); }; exit; }
I commented it out as you can see now I cant login either but I am getting these errors
Forbidden and Unauthorized
Another thing I would like to mention is that it worked with non TLS clients using the previous setups.
Thx for your help so far. -----Original Message----- From: Bogdan-Andrei Iancu [mailto:bogdan@voice-system.ro] Sent: Tuesday, March 25, 2008 1:02 PM To: Ali Jawad Cc: users@lists.openser.org Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
Hi Ali,
The REGISTER gets to the server and it is processed by the routing script - your script tries to relay the request to another destination: Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
I would say the problem is on the cfg script and not in TLS part.
Regards, Bogdan
Ali Jawad wrote:
Hi All
My UA cant connect to tls on my openser server, as per logs everything
seems fine ..I don't know why it disconnects in the end ..the log is http://java.pastebin.ca/948774
My TLS settings are
/* uncomment the following lines to enable TLS support (default off)
*/
#disable_tls = yes
disable_tls = no
listen = tls:xx.xx.x.xx.x
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
#tls_certificate = "/usr/local/eyeball/license/cert.pem"
#tls_private_key = "/usr/local/eyeball/license/privkey.pem"
#tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#port=5060
/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all
available) */
listen=udp:87.236.144.13:5060
#listen=tcp:87.236.144.12:5060
sip_warning=yes
------------------------------------------------------------------------
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Hi Ali,
but the script you listed doesn't seam to be related to REGISTER processing....for a GW forwarding.
Regards, Bogdan
Ali Jawad wrote:
Hi Bodgan Thank you for your help
I had the following "now commented" statement in route[1]
route[1] {
xlog("L_INFO","rewritehostport to VOIP_GW:5060");## Removed On 1.36 25 03 08 ## sethostport("xx.xx.xx.xx:5060");
if (subst_uri('/(sip:.*);nat=yes/\1/')){ setbflag(6); }; if (isflagset(5)||isbflagset(6)) { route(3); } if (!t_relay()) { sl_reply_error(); }; exit;}
I commented it out as you can see now I cant login either but I am getting these errors
Forbidden and Unauthorized
Another thing I would like to mention is that it worked with non TLS clients using the previous setups.
Thx for your help so far. -----Original Message----- From: Bogdan-Andrei Iancu [mailto:bogdan@voice-system.ro] Sent: Tuesday, March 25, 2008 1:02 PM To: Ali Jawad Cc: users@lists.openser.org Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
Hi Ali,
The REGISTER gets to the server and it is processed by the routing script - your script tries to relay the request to another destination: Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
I would say the problem is on the cfg script and not in TLS part.
Regards, Bogdan
Ali Jawad wrote:
Hi All
My UA cant connect to tls on my openser server, as per logs everything
seems fine ..I don't know why it disconnects in the end ..the log is http://java.pastebin.ca/948774
My TLS settings are
/* uncomment the following lines to enable TLS support (default off)
*/
#disable_tls = yes
disable_tls = no
listen = tls:xx.xx.x.xx.x
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
#tls_certificate = "/usr/local/eyeball/license/cert.pem"
#tls_private_key = "/usr/local/eyeball/license/privkey.pem"
#tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#port=5060
/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all
available) */
listen=udp:87.236.144.13:5060
#listen=tcp:87.236.144.12:5060
sip_warning=yes
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Thanks for your help and interest Bogdan..I know you are busy..I know that my script is related to the GW forwarding but that is the only thing related RELAY that I do "With reference to your first replay"
My config is http://pastebin.com/m45551815
-----Original Message----- From: Bogdan-Andrei Iancu [mailto:bogdan@voice-system.ro] Sent: Wednesday, March 26, 2008 3:07 PM To: Ali Jawad Cc: users@lists.openser.org Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
Hi Ali,
but the script you listed doesn't seam to be related to REGISTER processing....for a GW forwarding.
Regards, Bogdan
Ali Jawad wrote:
Hi Bodgan Thank you for your help
I had the following "now commented" statement in route[1]
route[1] {
xlog("L_INFO","rewritehostport to VOIP_GW:5060");## Removed On 1.36 25 03 08 ## sethostport("xx.xx.xx.xx:5060");
if (subst_uri('/(sip:.*);nat=yes/\1/')){ setbflag(6); }; if (isflagset(5)||isbflagset(6)) { route(3); } if (!t_relay()) { sl_reply_error(); }; exit;}
I commented it out as you can see now I cant login either but I am getting these errors
Forbidden and Unauthorized
Another thing I would like to mention is that it worked with non TLS clients using the previous setups.
Thx for your help so far. -----Original Message----- From: Bogdan-Andrei Iancu [mailto:bogdan@voice-system.ro] Sent: Tuesday, March 25, 2008 1:02 PM To: Ali Jawad Cc: users@lists.openser.org Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
Hi Ali,
The REGISTER gets to the server and it is processed by the routing script - your script tries to relay the request to another
destination:
Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
I would say the problem is on the cfg script and not in TLS part.
Regards, Bogdan
Ali Jawad wrote:
Hi All
My UA cant connect to tls on my openser server, as per logs
everything
seems fine ..I don't know why it disconnects in the end ..the log is http://java.pastebin.ca/948774
My TLS settings are
/* uncomment the following lines to enable TLS support (default off)
*/
#disable_tls = yes
disable_tls = no
listen = tls:xx.xx.x.xx.x
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
#tls_certificate = "/usr/local/eyeball/license/cert.pem"
#tls_private_key = "/usr/local/eyeball/license/privkey.pem"
#tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#port=5060
/* uncomment and configure the following line if you want openser to
bind on a specific interface/port/proto (default bind on all
available) */
listen=udp:87.236.144.13:5060
#listen=tcp:87.236.144.12:5060
sip_warning=yes
------------------------------------------------------------------------
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
-
Ali Jawad -
Bogdan-Andrei Iancu