I think what the earlier point was to use: [client:default] verify_certificate = no require_certificate = no
Not require, verify - as yes, but set as no. On Thu, Dec 14, 2023 at 9:58 AM faisalahmadkhan via sr-dev < [email protected]> wrote: > these are now my new configs to address the sni issue what do you think > issue might be. > > [server:default] > method = TLSv1.2+ > verify_certificate = yes > require_certificate = yes > private_key = /etc/letsencrypt/live/abcsbc.com/privkey.pem > certificate = /etc/letsencrypt/live/abcsbc.com/fullchain.pem > ca_list = /etc/kamailio/ca_list.pem > #ca_list = /etc/letsencrypt/live/abcsbc.com/cert.pem > > > [server:172.31.19.8:5061] > method = TLSv1.2+ > verify_certificate = yes > require_certificate = yes > private_key = /etc/letsencrypt/live/abcsbc.com/privkey.pem > certificate = /etc/letsencrypt/live/abcsbc.com/fullchain.pem > ca_list = /etc/kamailio/ca_list.pem > server_name = localhost > #ca_list = /etc/letsencrypt/live/abcsbc.com/cert.pem > > > [client:default] > method = TLSv1.2+ > verify_certificate = yes > require_certificate = yes > private_key = /etc/letsencrypt/live/abcsbc.com/privkey.pem > certificate = /etc/letsencrypt/live/abcsbc.com/fullchain.pem > ca_list = /etc/kamailio/ca_list.pem > #ca_list = /etc/letsencrypt/live/abcsbc.com/cert.pem > > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9381]: INFO: <script>: Sent out > tm request: OPTIONS sip:sip.pstnhub.microsoft.com:5061;transport=tls SIP/2.0 > Via: SIP/2.0/TLS > abcsbc.com:5061;branch=z9hG4bK9503.01286945000000000000000000000000.0 > To: > <sip:sip.pstnhub.microsoft.com:5061;transport=tls> > From: > <sip:abcsbc.com>;tag=64ff6b492a7d9ab14de1f0b7c15c9c17-751e2d5e > CSeq: 10 OPTIONS > Call-ID: > [email protected] > > > Max-Forwards: 70 > Content-Length: 0 > User-Agent: > kamailio (5.6.5 (x86_64/linux)) > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9381]: INFO: <script>: Sent out > tm request: OPTIONS sip:sip2.pstnhub.microsoft.com:5061;transport=tls SIP/2.0 > Via: SIP/2.0/TLS > abcsbc.com:5061;branch=z9hG4bKa503.87bed643000000000000000000000000.0 > To: > <sip:sip2.pstnhub.microsoft.com:5061;transport=tls> > From: > <sip:abcsbc.com>;tag=64ff6b492a7d9ab14de1f0b7c15c9c17-dbf96c3a > CSeq: 10 OPTIONS > Call-ID: > [email protected] > Max-Forwards: 70 > Content-Length: 0 > User-Agent: > kamailio (5.6.5 (x86_64/linux)) > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9395]: ERROR: tls > [tls_server.c:1319]: tls_h_read_f(): protocol level error > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9395]: ERROR: tls > [tls_util.h:49]: tls_err_ret(): TLS write:error:1416F086:SSL > routines:tls_process_server_certificate:certificate verify failed (sni: > unknown) > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9395]: ERROR: tls > [tls_server.c:1323]: tls_h_read_f(): src addr: 52.114.148.0:5061 > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9395]: ERROR: tls > [tls_server.c:1326]: tls_h_read_f(): dst addr: 172.31.19.8:0 > Dec 14 17:55:30 abcsbc.com /usr/sbin/kamailio[9395]: ERROR: <core> > [core/tcp_read.c:1499]: tcp_read_req(): ERROR: tcp_read_req: error reading - > c: 0x7f3d122d4058 r: 0x7f3d122d4180 (-1) > > > — > Reply to this email directly, view it on GitHub > <https://github.com/kamailio/kamailio/issues/3675#issuecomment-1856329261>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ABO7UZIMPBSDUYU3BTTD34LYJM4W7AVCNFSM6AAAAABAT24UQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNJWGMZDSMRWGE> > . > You are receiving this because you are subscribed to this thread.Message > ID: <kamailio/kamailio/issues/3675/[email protected]> > _______________________________________________ > Kamailio (SER) - Development Mailing List > To unsubscribe send an email to [email protected] >
_______________________________________________ Kamailio (SER) - Development Mailing List To unsubscribe send an email to [email protected]
