Hi Henning, unfortunately, I don't have a host without traffic showing the same behavior. Our dev hosts usually don't run long enough. (And they usually don't get monitored.)
The "sporadically" meant, that it can take sometimes up to one week until it occurs on the same host again. And yes, some hosts have a bit more traffic than others, I suppose that's why it occurs earlier on some hosts, later on others. I guess we have to deploy updates more often. ;) Regards, Sebastian ----- Ursprüngliche Mail ----- Von: "Henning Westerholt" <[email protected]> An: "sr-users" <[email protected]> CC: "Sebastian Damm" <[email protected]> Gesendet: Dienstag, 24. August 2021 14:21:31 Betreff: RE: What does "tls.reload" actually do? Hello Sebastian, on a first look to the code the tls.reload does similar operations as done during normal server startup, like - load configuration - fixing domains - check sockets If the error only happens sporadic and, on some servers, it is probably either an error that only occurs in specific circumstances unrelated to kamailio, or some internal corruption topic in the module/server. Do you see it also on e.g., test systems without any real load? Is there a difference between the systems in kind of load, and this maybe also causes some difference when the error occurs? Cheers, Henning -- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://gilawa.com -----Original Message----- From: sr-users <[email protected]> On Behalf Of Sebastian Damm Sent: Tuesday, August 24, 2021 1:58 PM To: sr-users <[email protected]> Subject: [SR-Users] What does "tls.reload" actually do? Hi, I noticed a strange behavior on some of our proxy servers, all running Kamailio 5.3.8. After running for some time (weeks), our monitoring system sporadically starts reporting errors. The check connects via tls and registers to an Asterisk behind the proxy server. When this happens, the Kamailio log shows the following line: ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS accept:error:1409441B:SSL routines:ssl3_read_bytes:tlsv1 alert decrypt error When restarting Kamailio, the problem goes away only to come back after some weeks uptime again. On one host, I tried to find something using kamcmd, and I don't know why but I also issued "tls.reload". And from that point, the monitoring system has not reported the system as faulty anymore. I repeated the same thing on other hosts when the problem occured there, all with the same result. "tls.reload" helps. But from the documentation, I don't know why. Does anybody have an explanation for it? Regards, Sebastian __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
