Not sure if the logs a clear on what/when connection is rejected. I can share a few troubleshooting hints :
1: Check if you are using the setting require_certificate try to set it to no and test again. 2: You can verify that you can connect to our proxy using libssl openssl s_client -showcerts -debug -verify_hostname <yourdomain.com> -servername <yourdomain.com> -connect <yourdomain.com>:5061 This command will produce a detailed report, if the connection does not work you may need to add the root CA from letsencrypt https://letsencrypt.org/certificates/ (If your Linux OS is a bit old, this will be the case) You can test with : openssl s_client -showcerts -debug -verify_hostname <yourdomain.com> -servername <yourdomain.com> -connect <yourdomain.com>:5061 -CAfile /etc/ssl/certs/isrgrootx1.pem 3: take a full TCP trace using tcpdump and look at the handshake, you may learn more about the failure/rejection Hope this will help you, to save some of your hair Julien On Thu, Feb 7, 2019 at 1:29 AM Gertjan Wolzak <[email protected]> wrote: > > > Hello Kamailions, > > Julien, thank you for the help, I have added the letsencrypt ca > certificate to the ca list, still no dice. > > So, still got lots of questions, but after my last booboo going to do some > more research and testing. When I have no more hair left will get back to > the list. > > Thanks for now. > > Rgds, > > Gertjan Wolzak > > > > > _______________________________________________ > Kamailio (SER) - Users Mailing List > [email protected] > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >
_______________________________________________ Kamailio (SER) - Users Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
