hi, i follow the script on : http://www.opensips.org/html/docs/tutorials/tls-1.4.x.html
mainly, generated root certificate with: opensipsctl tls rootCA and then generate user (i.e. sip server) certificate with: opensipsctl tls userCERT user about the file ca_list, the wiki say: To add more CAs to your list, just do: - cat add_cacert.pem >> calist.pem but not sure about that, doesn't the last command should have updated the ca list? i see that the file isn't empty.. nir On Fri, Jan 15, 2010 at 6:35 PM, Bogdan-Andrei Iancu <[email protected] > wrote: > Hi Nir, > > I see you manage to start opensips with TLS - what was your error? > > for _tls_read -> that is very funny: SSL_read return err 5 > (SSL_ERROR_SYSCALL) which means to look at error stack/return > value/errno for the real error (the error was geerated somewhere deep in > the SSL underlayers), but the errno is Success and stack is empty > :P..... Looks like a ghost error... > > for tls_accept -> the error is in the stack, and after googling a bit -> > "obviously the CA that signed your clients is not known to the server. > Take a look at" > > http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 > http://www.modssl.org/docs/2.8/ssl_reference.html#ToC14 > > > Regards, > Bogdan > > nir elkayam wrote: > > hi, > > > > i am using opensips/TLS, > > > > i get the following error > > Jan 14 22:53:54 [19740] ERROR:core:_tls_read: SYSCALL error -> (0) > > <Success> > > Jan 14 22:53:54 [19740] ERROR:core:_tls_read: something wrong in SSL: 5 > > Jan 14 22:53:54 [19740] ERROR:core:tcp_read_req: failed to read > > Jan 14 22:54:46 [19740] ERROR:core:tls_accept: some error in SSL > > (ret=0, err=1, errno=0/Success): > > Jan 14 22:54:46 [19740] ERROR:core:tls_print_errstack: > > error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca > > > > any hinst about these? > > actually the client works but error in encryption process is not good, > > i think > > > > thanks > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > > -- > Bogdan-Andrei Iancu > www.voice-system.ro > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > -- ניר אלקיים טל: 050-3930056 [email protected]
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
