Hi folks, It turned out to be a permission problem. The certificate (.pem file) was not readable by the apache user and it was therefore impossible to set the TLS socket. I was calling the PHP script with another user and I was able to read the certificate.
Aplogies for the noise and congratulations for such a good product. Best regards, Samuel. On 14 November 2011 18:19, Adrian Georgescu <[email protected]> wrote: > The only reason I can imagine is that you have not installed a PHP related > package for TLS or Encryption in the Apache version. > > I would check if I were you, the list of packages that I have installed > for the CLI version of PHP and the Apache version of PHP, the difference > could give me a clue about what am I missing o is different from the Apache > version. > > Adrian > > On Nov 14, 2011, at 1:15 PM, samuel wrote: > > > Hi folks, > > > > I've got the following scenario: > > CDRTool (8.2.2) installed from sources is trying to communicate to a > media-proxy dispatcher (2.5.2) installed from ag-projects repository. > > The problem I'm facing is that from the CDRTool web interface, when I > try to check the real-time usage in the section Sessions, the following > error appear: > > (...) > > Error connecting to tcp://W.X.Y.Z:25061: (Could not enable crypto) > > (...) > > > > The logs at the dispatcher server is the next one: > > (...) > > debug: Connection to Management interface client lost: A TLS packet with > unexpected length was received. > > (...) > > > > The "funny" thing is that if I use the following PHP script from the > CLI, using the same cert as the installation process describes, I'm able to > get the sessions: > > > > #!/usr/bin/php -q > > > > <?php > > $host ='W.X.Y.Z'; > > $port = 25061; > > $timeout = 10; > > $cert = './mediaproxy.W.X.Y.Z.pem'; > > $context = stream_context_create(array('ssl'=>array('local_cert'=> > $cert,))); > > $fp = stream_socket_client('tcp://'.$host.':'.$port, $errno, $errstr, > 30, STREAM_CLIENT_CONNECT, $context); > > if (!$fp) { > > echo "ERROR: $errno - $errstr\n"; > > } else { > > if (stream_socket_enable_crypto($fp, true, > STREAM_CRYPTO_METHOD_SSLv3_CLIENT)) { > > fputs($fp, "sessions\r\n"); > > echo fread($fp,8192); > > fclose($fp); > > } else { > > echo "ERROR: could not enable crypto\n"; > > } > > } > > > > ?> > > > > I've got the feeling there's some "stupid" thing either in apache2 or in > cdrtool configuration that does not let use TLS to the socket and it stays > in "TCP-mode". Can anyone provide any shed on this issue? > > > > Thank you very much in advance, > > Samuel > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
