though it shows everything is working fine from sipp end... my capacity with sipp+tls is around 20% to normal sipp. i mean normal kamailio without tls.
ant kamailio log gives this error: 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16991]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16991]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16991]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16991]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16991]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16991]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:_tls_read: something wrong in SSL: 5 Feb 18 14:52:43 localhost ./sbin/kamailio[16987]: ERROR:core:tcp_read_req: failed to read Feb 18 14:52:43 localhost ./sbin/kamailio[16989]: ERROR:core:_tls_read: something wrong in SSL > > i had created user certificate during process,which i set in kamailio > config file. > When i gave same certificate and private key to sipp...then it works.. > > > but i am not sure if this is the right way. > > Becaue i also for testing created another certificates signed by same > rootCA, and when imported those to sipp....they didnt work... > > > i am confused...that am i using TLS the way it should be or not? > > can anyone suggest some nice docs/tutorials about TLS? pls dont just give > me google results.. > > > > -- > Regards, > > Hemanshu Patel > > M: 09601295238 > > > >> Hello friendsm, >> >> I am testing TLS feature of both kamailio and Sipp. >> >> I first downloaded kamailio 1.5.x TLS supported version, uncommented >> TLS=1 >> from Makefiel and then build the kamailio. >> first i test kamailio without TLS with sipp for registration and >> everything works file. >> >> Then i follow "http://www.kamailio.org/docs/tls-devel.html"; and creates >> rootCA, user certificates and all configuration parameters to >> kamailio.cfg >> file >> >> Config paras are as below: >> >> >> /* uncomment the following lines to enable TLS support (default off) */ >> disable_tls = no >> listen = tls:172.16.16.218:5091 >> tls_verify_server = 1 >> tls_verify_client = 1 >> tls_require_client_certificate = 1 >> tls_method = TLSv1 >> tls_certificate = >> "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-cert.pem" >> tls_private_key = >> "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-privkey.pem" >> tls_ca_list = >> "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-calist.pem" >> >> >> and restart kamailio server >> >> It works and i can see via netstat on port 5091. >> >> but when i starts sipp it gives me following error. >> >> [heman...@localhost sipp.3.1]$ ./sipp -sf ./data/rauth.xml -inf >> ./data/user.csv -r 1 -m 1 -trace_err -trace_stat -nd -fd 1 -i >> 172.16.16.218 172.16.16.218:5091 -t l1 >> 2010-02-18 13:51:40:244 1266481300.244432: FI_init_ssl_context: >> SSL_CTX_use_certificate_file failed. >> >> >> I know i have built sipp with TLS support, then i can not figure out >> where >> is the problem. >> Sipp says user certification file failed ..but client doesnt need any >> certification file...or does it? >> >> i even tried with tls_verify_client = 1 , >> tls_require_client_certificate >> = 1, playing with different combinations...but still same ans. >> >> >> Can anyone suggest me what could be wrong? >> Have i made any mistake in configuring kamailio or theres some problem >> in >> SIPP. >> >> >> >> >> >> -- >> Regards, >> >> Hemanshu Patel >> >> M: 09601295238 >> >> >> _______________________________________________ >> Kamailio (OpenSER) - Users mailing list >> Users@lists.kamailio.org >> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users >> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users >> > > > > -- Regards, Hemanshu Patel M: 09601295238 _______________________________________________ Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
