might be obvious but have you chequed permissions on your key file for the user running kannel?
|-----------------------------------------------------------------------------------------------------------------| Envíe y Reciba Datos y mensajes de Texto (SMS) hacia y desde cualquier celular y Nextel en el Perú, México y en mas de 180 paises. Use aplicaciones 2 vias via SMS y GPRS online Visitenos en www.perusms.NET www.smsglobal.com.mx y www.pravcom.com On Thu, Jul 21, 2011 at 1:22 PM, Armindo Antunes <[email protected]> wrote: > Hi again, > I'm now using openssl v0.9.8.h but it still crashes: > > (gdb) where > #0 0x0012d422 in __kernel_vsyscall () > #1 0x0030a651 in raise () from /lib/tls/i686/cmov/libc.so.6 > #2 0x0030da82 in abort () from /lib/tls/i686/cmov/libc.so.6 > #3 0x0034149d in ?? () from /lib/tls/i686/cmov/libc.so.6 > #4 0x003c2350 in __fortify_fail () from /lib/tls/i686/cmov/libc.so.6 > #5 0x003c22fa in __stack_chk_fail () from /lib/tls/i686/cmov/libc.so.6 > #6 0x080c977e in wtls_choose_ciphersuite (ciphersuites=0x82d8ac0) at > wap/wtls_statesupport.c:1190 > #7 0x080c018a in clientHello (event=<value optimized out>, > wtls_machine=0x82d8550) at wap/wtls.c:458 > #8 0x080c0ed9 in wtls_event_handle (arg=0x0) at wap/wtls_state-decl.h:480 > #9 main_thread (arg=0x0) at wap/wtls.c:397 > #10 0x080ea82d in new_thread (arg=0x82ce7e8) at gwlib/gwthread-pthread.c:362 > #11 0x001a196e in start_thread () from /lib/tls/i686/cmov/libpthread.so.0 > #12 0x003ada0e in clone () from /lib/tls/i686/cmov/libc.so.6 > (gdb) > > Can you provide the openssl commands you have used to create your > certificate? > I've created my the SSL certificate with the following commands: > openssl req -new -newkey rsa:1024 -keyout server.key -out server.req > openssl ca -policy policy_anything -notext -in server.req -out server.crt > > And the following configuration: > group = wtls > certificate-file = "/etc/kannel/server.crt" > privatekey-file = "/etc/kannel/server.key" > privatekey-password = "password" > > I've tried to remove the password from the private key file with the > command: > openssl x509 -in server.crt -out nopass.crt > > but it hasn't worked either: > 2011-07-21 19:18:59 [27074] [0] WARNING: Can't read private key > /app/users/vgw1.0/install/etc/kannel/nopass.key > > Any other idea? > Thanks in advance, > Armindo Antunes > > > On 06-07-2011 21:17, Nikos Balkanas wrote: > > Hmmm. I had tested it also with Openwave simulator, with no problems. Same > code is used in my commercial gateway in major ISPs (real mobile traffic) > without such problems either. It has been tested and developed using > openssh-0.9.8.[g,h]. Maybe there is something there. > Does this happen only with Openwave, and the 2 mobiles you mentioned, or > with just about anything you have tried? > Please post new detailed wapbox logs of 1 failed attempt. Compile with debug > CFLAGS (-g -Wall -- remove -s or -Ox) and if possible upload somewhere the > core for me (can send details personally). If not post the gdb core function > stack (use: where) > > BR, > Nikos > 2011/7/6 Armindo Antunes <[email protected]> >> >> Nikos, thanks for the feedback! >> See my questions below. >> Best regards, >> Armindo Antunes >> >> On 06-07-2011 17:27, Nikos Balkanas wrote: >>> >>> Hi, >>> >>> Look at the openssl site for certificate instructions. It is not kannel's >>> responsibility. >>> >>> Make sure that certificates are self-signed and without password. Comment >>> out privatekey-password from wtls configuration and retry. >> >> Still the same behavior... any other idea? >> >> >>> >>> Alex: >>> >>> There was a section in UG about wtls configuration. It even included >>> certificate generation instructions. Apparently this was removed. Now, that >>> wtls is supported again, it should be put back. >> >> Is it possible to recover this information? At least the certificate >> generation instructions? >> >> Thanks again, >> Armindo >> > > >
