4 May
2020
4 May
'20
10:15 p.m.
Hi all,
I have configured Kamailio for WebSockets following this guide as an
example:
https://github.com/havfo/WEBRTC-to-SIP/blob/master/etc/kamailio/kamailio.cfg
With sip.js and jssip I'm able to initiate a call from WebRTC to SIP and
establish a call successfully.
The issue arises when I try to receive a call from a SIP device. In this
case the call establishes but there is no audio in either direction.
I *think* the issue is with RTP Engine and I've raised a bug there, but I'm
not sure why it is misbehaving
https://github.com/sipwise/rtpengine/issues/983. There are some logs from
RTP engine posted here.
The sip device communicates with Kamailio over UDP / RTP, nothing is
encrypted.
I would appreciate any guidance.
Thanks in advance,
C
5 May
5 May
3:21 a.m.
Hi all,
I have configured Kamailio for WebSockets following this guide as an
example:
https://github.com/havfo/WEBRTC-to-SIP/blob/master/etc/kamailio/kamailio.cfg
With sip.js and jssip I'm able to initiate a call from WebRTC to SIP and
establish a call successfully.
The issue arises when I try to receive a call from a SIP device. In this
case the call establishes but there is no audio in either direction.
I *think* the issue is with RTP Engine and I've raised a bug there, but I'm
not sure why it is misbehaving
https://github.com/sipwise/rtpengine/issues/983. There are some logs from
RTP engine posted here.
The sip device communicates with Kamailio over UDP / RTP, nothing is
encrypted.
I would appreciate any guidance.
Thanks in advance,
C
11 May
11 May
3 p.m.
Hello,
I see this was discussed further on rtpengine issue tracker. Did using a
newer version of rtpengine made it work?
The typical hint I have is to look at javascript console in the browser,
there should be logs printed when some dtls negotiation fails.
Cheers,
Daniel
On 05.05.20 02:21, Chirag Desai wrote:
Hi all,
I have configured Kamailio for WebSockets following this guide as an
example: https://github.com/havfo/WEBRTC-to-SIP/blob/master/etc/kamailio/kamailio.cfg
With sip.js and jssip I'm able to initiate a call from WebRTC to SIP
and establish a call successfully.
The issue arises when I try to receive a call from a SIP device. In
this case the call establishes but there is no audio in either direction.
I *think* the issue is with RTP Engine and I've raised a bug there,
but I'm not sure why it is
misbehaving https://github.com/sipwise/rtpengine/issues/983. There are
some logs from RTP engine posted here.
The sip device communicates with Kamailio over UDP / RTP, nothing is
encrypted.
I would appreciate any guidance.
Thanks in advance,
C
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
15 May
15 May
2:21 a.m.
Hi Daniel,
I set up a brand new install of the latest versions of Kamailio and RTP
Engine. They're both up and running but I'm hitting a different error
whereby I get the following error from JSSIP:
jssip-3.4.3.min.js:9 WebSocket connection to 'wss://mydomain.com:5061/'
failed: Connection closed before receiving a handshake response
Please note that mydomain.com is set as an alias in Kamailio. I don't see
anything in the logs about the websocket connection so I'm at a bit of a
loss here. Any advice is most appreciated.
Thanks!
3:41 a.m.
Are you sure 5061 is your wss port?
At least by default in the webrtc project you used, wss listens on port 4443
On Thu, May 14, 2020 at 7:29 PM Chirag Desai <c.desai(a)rxhost.co.uk> wrote:
Hi Daniel,
I set up a brand new install of the latest versions of Kamailio and RTP
Engine. They're both up and running but I'm hitting a different error
whereby I get the following error from JSSIP:
jssip-3.4.3.min.js:9 WebSocket connection to 'wss://mydomain.com:5061/'
failed: Connection closed before receiving a handshake response
Please note that mydomain.com is set as an alias in Kamailio. I don't see
anything in the logs about the websocket connection so I'm at a bit of a
loss here. Any advice is most appreciated.
Thanks!
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
5:23 p.m.
So it looks like I do indeed get logs. This is when trying to connect wss
to 5061. I tried to connect just WS on 5060 and 5061 but still get an error.
What's odd is the kamailio.cfg file is a copy of the file I was running on
another machine. I changed the necessary bits, updated the certificates in
tls.cfg, but it doesn't connect. On the older machine running kamailio the
webrtc pages have no issue connecting. Any ideas?
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
[BROWSER_IP]
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1236]: tcpconn_new(): on port 42610, type 3
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1555]: tcpconn_add(): hashes: 3294:2497:2595, 5
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG: io_watch_add(0x5599fd7a8ae0, 29,
2, 0x7fb8b073bb70), fd_no=19
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del (0x5599fd7a8ae0,
29, -1, 0x0) fd_no=20 called
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4517]: handle_tcpconn_ev(): sending to child, events 1
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4187]: send2child(): selected tcp worker idx:0 proc:11
pid:2158 for activity on [tls:[KAMAILIO_PUBLIC_IP]:5061], 0x7fb8b073bb70
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1759]: handle_io(): received n=8 con=0x7fb8b073bb70, fd=11
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_server.c:199]: tls_complete_init(): completing tls connection
initialization
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_server.c:228]: tls_complete_init(): Using initial TLS domain
TLSs<default> (dom 0x7fb8b0672518 ctx 0x7fb8b0698018 sn [sip.mydomain.com])
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b0698018: (nil)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:938]: tls_server_name_cb(): received server_name (TLS
extension): 'sip.mydomain.com'
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:957]: tls_server_name_cb(): TLS cfg domain selected for
received server name [sip.mydomain.com]: socket [:0] server name='
sip.mydomain.com' - switching SSL CTX to 0x7fb8b0698018 dom 0x7fb8b0672518
(default)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_main.c:2767]: tcpconn_do_send(): sending...
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_main.c:2801]: tcpconn_do_send(): after real write: c=
0x7fb8b073bb70 n=3183 fd=11
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_main.c:2802]: tcpconn_do_send(): buf=#012#026#003#003
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG: io_watch_add(0x5599fd8147c0, 11,
2, 0x7fb8b073bb70), fd_no=1
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:198]: tcp_emit_closed_event(): TCP closed event creation
triggered (reason: 0)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:206]: tcp_emit_closed_event(): no callback registering for
handling TCP closed event
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:317]: tcp_read_data(): EOF on 0x7fb8b073bb70, FD 11
([[BROWSER_IP]]:42610 ->
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:319]: tcp_read_data(): -> [ IC_IP]]:5061)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b0698018: (nil)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del (0x5599fd8147c0,
11, -1, 0x10) fd_no=2 called
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x7fb8b073bb70,
state -1, fd=11, id=5 ([[BROWSER_IP]]:42610 -> [[BROWSER_IP]]:5061)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fb8b075db18
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:3619]: handle_tcp_child(): reader response= 7fb8b073bb70,
-1 from 0
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: tls
[tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fb8b075db18
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
[BROWSER_IP]
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1236]: tcpconn_new(): on port 42636, type 3
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1555]: tcpconn_add(): hashes: 3105:2366:2780, 6
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG: io_watch_add(0x5599fd7a8ae0, 29,
2, 0x7fb8b073bb70), fd_no=19
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del (0x5599fd7a8ae0,
29, -1, 0x0) fd_no=20 called
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4517]: handle_tcpconn_ev(): sending to child, events 1
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4187]: send2child(): selected tcp worker idx:1 proc:12
pid:2159 for activity on [tls:[KAMAILIO_PUBLIC_IP]:5061], 0x7fb8b073bb70
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1759]: handle_io(): received n=8 con=0x7fb8b073bb70, fd=11
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_server.c:199]: tls_complete_init(): completing tls connection
initialization
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_server.c:228]: tls_complete_init(): Using initial TLS domain
TLSs<default> (dom 0x7fb8b0672518 ctx 0x7fb8b06997c8 sn [sip.mydomain.com])
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b06997c8: (nil)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:938]: tls_server_name_cb(): received server_name (TLS
extension): 'sip.mydomain.com'
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:957]: tls_server_name_cb(): TLS cfg domain selected for
received server name [sip.mydomain.com]: socket [:0] server name='
sip.mydomain.com' - switching SSL CTX to 0x7fb8b06997c8 dom 0x7fb8b0672518
(default)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_main.c:2767]: tcpconn_do_send(): sending...
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_main.c:2801]: tcpconn_do_send(): after real write: c=
0x7fb8b073bb70 n=3183 fd=11
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_main.c:2802]: tcpconn_do_send(): buf=#012#026#003#003
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG: io_watch_add(0x5599fd8147c0, 11,
2, 0x7fb8b073bb70), fd_no=1
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:198]: tcp_emit_closed_event(): TCP closed event creation
triggered (reason: 0)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:206]: tcp_emit_closed_event(): no callback registering for
handling TCP closed event
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:317]: tcp_read_data(): EOF on 0x7fb8b073bb70, FD 11
([[BROWSER_IP]]:42636 ->
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:319]: tcp_read_data(): -> [[KAMAILIO_PUBLIC_IP]]:5061)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b06997c8: (nil)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del (0x5599fd8147c0,
11, -1, 0x10) fd_no=2 called
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x7fb8b073bb70,
state -1, fd=11, id=6 ([[BROWSER_IP]]:42636 -> [[BROWSER_IP]]:5061)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fb8b075db18
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:3619]: handle_tcp_child(): reader response= 7fb8b073bb70,
-1 from 1
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: tls
[tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fb8b075db18
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
[BROWSER_IP]
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1236]: tcpconn_new(): on port 42662, type 3
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1555]: tcpconn_add(): hashes: 3083:2324:2806, 7
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG: io_watch_add(0x5599fd7a8ae0, 29,
2, 0x7fb8b073bb70), fd_no=19
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del (0x5599fd7a8ae0,
29, -1, 0x0) fd_no=20 called
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4517]: handle_tcpconn_ev(): sending to child, events 1
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4187]: send2child(): selected tcp worker idx:2 proc:13
pid:2160 for activity on [tls:[KAMAILIO_PUBLIC_IP]:5061], 0x7fb8b073bb70
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1759]: handle_io(): received n=8 con=0x7fb8b073bb70, fd=11
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_server.c:199]: tls_complete_init(): completing tls connection
initialization
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_server.c:228]: tls_complete_init(): Using initial TLS domain
TLSs<default> (dom 0x7fb8b0672518 ctx 0x7fb8b069af78 sn [sip.mydomain.com])
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b069af78: (nil)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:938]: tls_server_name_cb(): received server_name (TLS
extension): 'sip.mydomain.com'
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:957]: tls_server_name_cb(): TLS cfg domain selected for
received server name [sip.mydomain.com]: socket [:0] server name='
sip.mydomain.com' - switching SSL CTX to 0x7fb8b069af78 dom 0x7fb8b0672518
(default)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_main.c:2767]: tcpconn_do_send(): sending...
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_main.c:2801]: tcpconn_do_send(): after real write: c=
0x7fb8b073bb70 n=3183 fd=11
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_main.c:2802]: tcpconn_do_send(): buf=#012#026#003#003
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG: io_watch_add(0x5599fd8147c0, 11,
2, 0x7fb8b073bb70), fd_no=1
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:198]: tcp_emit_closed_event(): TCP closed event creation
triggered (reason: 0)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:206]: tcp_emit_closed_event(): no callback registering for
handling TCP closed event
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:317]: tcp_read_data(): EOF on 0x7fb8b073bb70, FD 11
([[BROWSER_IP]]:42662 ->
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:319]: tcp_read_data(): -> [[KAMAILIO_PUBLIC_IP]]:5061)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b069af78: (nil)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del (0x5599fd8147c0,
11, -1, 0x10) fd_no=2 called
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x7fb8b073bb70,
state -1, fd=11, id=7 ([[BROWSER_IP]]:42662 -> [[BROWSER_IP]]:5061)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fb8b075db18
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:3619]: handle_tcp_child(): reader response= 7fb8b073bb70,
-1 from 2
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: tls
[tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fb8b075db18
17 May
17 May
12:20 a.m.
Hi all,
OK so I can now register using WS, but with WSS nothing seems to happen. It
looks like the handshake isn't working properly on the Kamailio side. It
resets prematurely and therefore the connection never succeeds. I've tried
different URIs, checked certificates. Checked the TLS connection with
openssl all to no avail.
There are no useful errors in the log, no matter how high I set the log
level. It looks like the request doesn't hit the routing logic at all
because I start my logic with an xlog statement but that never prints.
I would appreciate any guidance.
Thanks,
C
19 May
19 May
8:58 a.m.
Hello,
the private key for creating the tls connection is not found:
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b0698018: (nil)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
Check the config options for tls module and the server profiles.
Cheers,
Daniel
On 15.05.20 16:23, Chirag Desai wrote:
So it looks like I do indeed get logs. This is when
trying to connect
wss to 5061. I tried to connect just WS on 5060 and 5061 but still get
an error.
What's odd is the kamailio.cfg file is a copy of the file I was
running on another machine. I changed the necessary bits, updated the
certificates in tls.cfg, but it doesn't connect. On the older machine
running kamailio the webrtc pages have no issue connecting. Any ideas?
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
[BROWSER_IP]
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1236]: tcpconn_new(): on port 42610, type 3
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1555]: tcpconn_add(): hashes: 3294:2497:2595, 5
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG:
io_watch_add(0x5599fd7a8ae0, 29, 2, 0x7fb8b073bb70), fd_no=19
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del
(0x5599fd7a8ae0, 29, -1, 0x0) fd_no=20 called
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4517]: handle_tcpconn_ev(): sending to child, events 1
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4187]: send2child(): selected tcp worker idx:0
proc:11 pid:2158 for activity on [tls:[KAMAILIO_PUBLIC_IP]:5061],
0x7fb8b073bb70
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1759]: handle_io(): received n=8 con=0x7fb8b073bb70,
fd=11
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_server.c:199]: tls_complete_init(): completing tls connection
initialization
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_server.c:228]: tls_complete_init(): Using initial TLS domain
TLSs<default> (dom 0x7fb8b0672518 ctx 0x7fb8b0698018 sn
[sip.mydomain.com <http://sip.mydomain.com>])
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b0698018: (nil)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:938]: tls_server_name_cb(): received server_name (TLS
extension): 'sip.mydomain.com <http://sip.mydomain.com>'
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:957]: tls_server_name_cb(): TLS cfg domain selected for
received server name [sip.mydomain.com <http://sip.mydomain.com>]:
socket [:0] server name='sip.mydomain.com <http://sip.mydomain.com>' -
switching SSL CTX to 0x7fb8b0698018 dom 0x7fb8b0672518 (default)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_main.c:2767]: tcpconn_do_send(): sending...
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_main.c:2801]: tcpconn_do_send(): after real write: c=
0x7fb8b073bb70 n=3183 fd=11
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_main.c:2802]: tcpconn_do_send(): buf=#012#026#003#003
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG:
io_watch_add(0x5599fd8147c0, 11, 2, 0x7fb8b073bb70), fd_no=1
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:198]: tcp_emit_closed_event(): TCP closed event
creation triggered (reason: 0)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:206]: tcp_emit_closed_event(): no callback
registering for handling TCP closed event
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:317]: tcp_read_data(): EOF on 0x7fb8b073bb70, FD 11
([[BROWSER_IP]]:42610 ->
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:319]: tcp_read_data(): -> [ IC_IP]]:5061)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b0698018: (nil)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del
(0x5599fd8147c0, 11, -1, 0x10) fd_no=2 called
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1680]: release_tcpconn(): releasing con
0x7fb8b073bb70, state -1, fd=11, id=5 ([[BROWSER_IP]]:42610 ->
[[BROWSER_IP]]:5061)
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2158]: DEBUG: <core>
[core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fb8b075db18
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:3619]: handle_tcp_child(): reader response=
7fb8b073bb70, -1 from 0
May 15 14:17:12 pluto /usr/local/sbin/kamailio[2162]: DEBUG: tls
[tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fb8b075db18
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
[BROWSER_IP]
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1236]: tcpconn_new(): on port 42636, type 3
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1555]: tcpconn_add(): hashes: 3105:2366:2780, 6
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG:
io_watch_add(0x5599fd7a8ae0, 29, 2, 0x7fb8b073bb70), fd_no=19
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del
(0x5599fd7a8ae0, 29, -1, 0x0) fd_no=20 called
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4517]: handle_tcpconn_ev(): sending to child, events 1
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4187]: send2child(): selected tcp worker idx:1
proc:12 pid:2159 for activity on [tls:[KAMAILIO_PUBLIC_IP]:5061],
0x7fb8b073bb70
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1759]: handle_io(): received n=8 con=0x7fb8b073bb70,
fd=11
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_server.c:199]: tls_complete_init(): completing tls connection
initialization
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_server.c:228]: tls_complete_init(): Using initial TLS domain
TLSs<default> (dom 0x7fb8b0672518 ctx 0x7fb8b06997c8 sn
[sip.mydomain.com <http://sip.mydomain.com>])
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b06997c8: (nil)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:938]: tls_server_name_cb(): received server_name (TLS
extension): 'sip.mydomain.com <http://sip.mydomain.com>'
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:957]: tls_server_name_cb(): TLS cfg domain selected for
received server name [sip.mydomain.com <http://sip.mydomain.com>]:
socket [:0] server name='sip.mydomain.com <http://sip.mydomain.com>' -
switching SSL CTX to 0x7fb8b06997c8 dom 0x7fb8b0672518 (default)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_main.c:2767]: tcpconn_do_send(): sending...
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_main.c:2801]: tcpconn_do_send(): after real write: c=
0x7fb8b073bb70 n=3183 fd=11
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_main.c:2802]: tcpconn_do_send(): buf=#012#026#003#003
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG:
io_watch_add(0x5599fd8147c0, 11, 2, 0x7fb8b073bb70), fd_no=1
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:198]: tcp_emit_closed_event(): TCP closed event
creation triggered (reason: 0)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:206]: tcp_emit_closed_event(): no callback
registering for handling TCP closed event
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:317]: tcp_read_data(): EOF on 0x7fb8b073bb70, FD 11
([[BROWSER_IP]]:42636 ->
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:319]: tcp_read_data(): -> [[KAMAILIO_PUBLIC_IP]]:5061)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b06997c8: (nil)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del
(0x5599fd8147c0, 11, -1, 0x10) fd_no=2 called
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1680]: release_tcpconn(): releasing con
0x7fb8b073bb70, state -1, fd=11, id=6 ([[BROWSER_IP]]:42636 ->
[[BROWSER_IP]]:5061)
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2159]: DEBUG: <core>
[core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fb8b075db18
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:3619]: handle_tcp_child(): reader response=
7fb8b073bb70, -1 from 1
May 15 14:17:14 pluto /usr/local/sbin/kamailio[2162]: DEBUG: tls
[tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fb8b075db18
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/ip_addr.c:229]: print_ip(): tcpconn_new: new tcp connection:
[BROWSER_IP]
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1236]: tcpconn_new(): on port 42662, type 3
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:1555]: tcpconn_add(): hashes: 3083:2324:2806, 7
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG:
io_watch_add(0x5599fd7a8ae0, 29, 2, 0x7fb8b073bb70), fd_no=19
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del
(0x5599fd7a8ae0, 29, -1, 0x0) fd_no=20 called
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4517]: handle_tcpconn_ev(): sending to child, events 1
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:4187]: send2child(): selected tcp worker idx:2
proc:13 pid:2160 for activity on [tls:[KAMAILIO_PUBLIC_IP]:5061],
0x7fb8b073bb70
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1759]: handle_io(): received n=8 con=0x7fb8b073bb70,
fd=11
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_server.c:199]: tls_complete_init(): completing tls connection
initialization
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_server.c:228]: tls_complete_init(): Using initial TLS domain
TLSs<default> (dom 0x7fb8b0672518 ctx 0x7fb8b069af78 sn
[sip.mydomain.com <http://sip.mydomain.com>])
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b069af78: (nil)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:938]: tls_server_name_cb(): received server_name (TLS
extension): 'sip.mydomain.com <http://sip.mydomain.com>'
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:957]: tls_server_name_cb(): TLS cfg domain selected for
received server name [sip.mydomain.com <http://sip.mydomain.com>]:
socket [:0] server name='sip.mydomain.com <http://sip.mydomain.com>' -
switching SSL CTX to 0x7fb8b069af78 dom 0x7fb8b0672518 (default)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_main.c:2767]: tcpconn_do_send(): sending...
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_main.c:2801]: tcpconn_do_send(): after real write: c=
0x7fb8b073bb70 n=3183 fd=11
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_main.c:2802]: tcpconn_do_send(): buf=#012#026#003#003
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/io_wait.h:377]: io_watch_add(): DBG:
io_watch_add(0x5599fd8147c0, 11, 2, 0x7fb8b073bb70), fd_no=1
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:198]: tcp_emit_closed_event(): TCP closed event
creation triggered (reason: 0)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:206]: tcp_emit_closed_event(): no callback
registering for handling TCP closed event
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:317]: tcp_read_data(): EOF on 0x7fb8b073bb70, FD 11
([[BROWSER_IP]]:42662 ->
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:319]: tcp_read_data(): -> [[KAMAILIO_PUBLIC_IP]]:5061)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: tls
[tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for
SSL_CTX-0x7fb8b069af78: (nil)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1527]: tcp_read_req(): EOF
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/io_wait.h:599]: io_watch_del(): DBG: io_watch_del
(0x5599fd8147c0, 11, -1, 0x10) fd_no=2 called
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1680]: release_tcpconn(): releasing con
0x7fb8b073bb70, state -1, fd=11, id=7 ([[BROWSER_IP]]:42662 ->
[[BROWSER_IP]]:5061)
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2160]: DEBUG: <core>
[core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fb8b075db18
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: <core>
[core/tcp_main.c:3619]: handle_tcp_child(): reader response=
7fb8b073bb70, -1 from 2
May 15 14:17:16 pluto /usr/local/sbin/kamailio[2162]: DEBUG: tls
[tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fb8b075db18
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
10:35 p.m.
Hi Daniel,
Thanks for the response. I'm sure I have everything set up correctly.
Here's what's in my tls.cfg:
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/sip.mydomain.com/privkey.pem
certificate = /etc/letsencrypt/live/sip.mydomain.com/fullchain.pem
server_name = sip.mydomain.com
Here's my kamailio.cfg
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config",
"/usr/local/etc/kamailio/tls.cfg")
#!endif
If I run cat /etc/letsencrypt/live/sip.mydomain.com/privkey.pem I can see
the contents of the file. The permissions for the certificates are quite
liberal too, so there shouldn't be any issues there. Any other ideas?
Thanks so much for your help.
20 May
20 May
9:51 a.m.
Hello,
can you try to connect with openssl client tool and see if you get more
hints in the output? Like:
openssl s_client -connect sipserver.com:5061 -tlsextdebug
Cheers,
Daniel
On 19.05.20 21:35, Chirag Desai wrote:
Hi Daniel,
Thanks for the response. I'm sure I have everything set up correctly.
Here's what's in my tls.cfg:
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/sip.mydomain.com/privkey.pem
<http://sip.mydomain.com/privkey.pem>
certificate = /etc/letsencrypt/live/sip.mydomain.com/fullchain.pem
<http://sip.mydomain.com/fullchain.pem>
server_name = sip.mydomain.com <http://sip.mydomain.com>
Here's my kamailio.cfg
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config",
"/usr/local/etc/kamailio/tls.cfg")
#!endif
If I run cat /etc/letsencrypt/live/sip.mydomain.com/privkey.pem
<http://sip.mydomain.com/privkey.pem> I can see the contents of the
file. The permissions for the certificates are quite liberal too, so
there shouldn't be any issues there. Any other ideas?
Thanks so much for your help.
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
11:30 a.m.
Hi Daniel,
This is the result:
openssl s_client -connect sip.mydomain.com:5061 -tlsextdebug
CONNECTED(00000005)
TLS server extension "supported versions" (id=43), len=2
0000 - 03 04 ..
TLS server extension "key share" (id=51), len=36
0000 - 00 1d 00 20 3b 06 9a e5-21 16 73 b1 db 04 55 47 ... ;.
..!.s...UG
0010 - 33 5a e0 98 af bf ba 3e-e6 0d 69 40 38 f8 c8 0b 3Z....
.>..i@8...
0020 - ed 79 f2 48 .y.H
TLS server extension "server name" (id=0), len=0
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority
X3
verify return:1
depth=0 CN = sip.mydomain.com
verify return:1
---
Certificate chain
0 s:CN = sip.mydomain.com
i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
[REDACTED]
-----END CERTIFICATE-----
subject=CN = sip.mydomain.com
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority
X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3115 bytes and written 400 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read:errno=0
12:14 p.m.
Hello,
you trimmed the output, but I guess that the connection stayed open and
no errors were printed in kamailio logs.
That means, kamailio is doing ok. If the web browser has issues
connecting over tls, then the problem is somewhere else. Check the
logs/console of the browser to see if you get any hints there.
You can also list the tcp/tls connection via RPC and see if the
connection you expect is there.
Cheers,
Daniel
On 20.05.20 10:30, Chirag Desai wrote:
Hi Daniel,
This is the result:
openssl s_client -connect sip.mydomain.com:5061
<http://sip.mydomain.com:5061> -tlsextdebug
CONNECTED(00000005)
TLS server extension "supported versions" (id=43), len=2
0000 - 03 04 ..
TLS server extension "key share" (id=51), len=36
0000 - 00 1d 00 20 3b 06 9a e5-21 16 73 b1 db 04 55 47 ... ;.
..!.s...UG
0010 - 33 5a e0 98 af bf ba 3e-e6 0d 69 40 38 f8 c8 0b 3Z....
.>..i@8...
0020 - ed 79 f2 48 .y.H
TLS server extension "server name" (id=0), len=0
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority
X3
verify return:1
depth=0 CN = sip.mydomain.com <http://sip.mydomain.com>
verify return:1
---
Certificate chain
0 s:CN = sip.mydomain.com <http://sip.mydomain.com>
i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
[REDACTED]
-----END CERTIFICATE-----
subject=CN = sip.mydomain.com <http://sip.mydomain.com>
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority
X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3115 bytes and written 400 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read:errno=0
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
21 May
21 May
3:29 a.m.
Hi Daniel,
Thanks for your continued help here. I didn't trim the logs. That's all
that appeared. When I run the same command against my old Kamailio 4 server
I get a much longer message back.
The the newer kamailio 5 machine, I see similar logs when running the
openssl command as when I try to connect via the websocket.
I will have a look at the RPC, but I feel maybe something else is up.
Appreciate any further guidance.
Thanks,
C
3:48 a.m.
Hi Daniel,
I solved it! In the tls.cfg file I changed
method = TLSv1.2+
to
method = TLSv1.2
It seems like Kamailio wasn't liking the TLS 1.3 connections. The
documentation states it should work when using Open SSL 1.1.1 and I am
indeed using that, so I'm not sure what went wrong. Could it be a bug?
openssl version -a
OpenSSL 1.1.1 11 Sep 2018
I'm happy I have the WSS working now. I will test the audio shortly and
report back.
Thanks again for all your help,
C
10:32 a.m.
Hello,
I used:
openssl s_client -connect MYSERVER:5061 -tlsextdebug -tls1_3
and worked:
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
It connected to Kamailio master branch running on a Debian Buster (10).
Might be something specific to your environment.
Cheers,
Daniel
On 21.05.20 02:48, Chirag Desai wrote:
Hi Daniel,
I solved it! In the tls.cfg file I changed
method = TLSv1.2+
to
method = TLSv1.2
It seems like Kamailio wasn't liking the TLS 1.3 connections. The
documentation states it should work when using Open SSL 1.1.1 and I am
indeed using that, so I'm not sure what went wrong. Could it be a bug?
openssl version -a
OpenSSL 1.1.1 11 Sep 2018
I'm happy I have the WSS working now. I will test the audio shortly
and report back.
Thanks again for all your help,
C
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
22 May
22 May
2:07 p.m.
Hi Daniel
Thanks so much for your help. I'm going to roll with TLS 1.2 for now, until
I find time to debug. I seem to have audio in both directions too! Now I
can continue building around kamailio. Thank you :)
Chirag
10:04 p.m.
Ok. Let us know if you find out anything related to tls 1.3 that impacts
Kamailio.
Cheers,
Daniel
On 22.05.20 13:07, Chirag Desai wrote:
Hi Daniel
Thanks so much for your help. I'm going to roll with TLS 1.2 for now,
until I find time to debug. I seem to have audio in both directions
too! Now I can continue building around kamailio. Thank you :)
Chirag
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
1648
days inactive
1666
days old
16 comments
3 participants
participants (3)
-
Chirag Desai -
Daniel-Constantin Mierla -
Sergiu Pojoga