On 11/5/2012 4:50 PM, Tony Graziano wrote: > I am seeing the following message within the rls logs: > > sipxrls:"OsSSLServerSocket SSL_accept SSL handshake error:\n SSL > error: 1 'error:00000001:lib(0):func(0):reason(1)'" > sipxrls:"OsSSLServerSocket SSL_accept SSL handshake error:\n SSL > error: 336027900 'error:140760FC:SSL > routines:SSL23_GET_CLIENT_HELLO:unknown protocol'" > sipxrls:"SipPublishContentMgr::getContent no container found for key > 'sip:~~rl~C~~~id~xmpprlsclient... > > (as is relates to the RLS component) > > So I am wondering if someone can explain what the "unknown protocol" > means in this instance. The certificate was created in the exact way > it should have, by the system, one time at startup. I see > presenceserver says disabled but shows "running" in sipxconfig and if > I start manually via sipxproc it stays "running" (no change in > sipxconfig). > > I then tried to disable TLS and that broke nat traversal rules and > failed to start proxy, so that did not help. > > I tried deleting the tmp imdb.* files and restarting presence from > sipxconfig but that did not help. The ownership of the files and sizes > look accurate (they were recreated when I restarted presence manually). > > So this is SOLVED as far as the CPU level is concerned. I found a > device that has not been reconfigured (a valcom paging gateway) that > is essentially trying to register without an account, and the > registrar logs show 50-100 per minute (attempts). The rate limiting iptables rule may have help you here. But not fixed the problem ;-) > > I still think there is an SSL issue. Does anyone have any ideas on how > to figure this out? > > That is what I think also. I have disable 5061 forwarding on the firewall for remote clients way back around #18 (I believe) and have enjoyed a few weeks of quite with #22 now. All local clients are not using ssl.
-- Regards -------------------------------------- Gerald Drouillard Technology Architect Drouillard & Associates, Inc. http://www.Drouillard.biz _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
