ca.conf) does not exist

Bogdan-Andrei Iancu Thu, 25 Jun 2015 03:56:23 -0700

Hi,

A fresh installation of 2.1 (sources from GIT) produces:


$ ls -laR /tmp/opensips_test/etc/opensips/tls/
/tmp/opensips_test/etc/opensips/tls/:
total 32
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:29 .
drwx------ 3 bogdan bogdan 4096 iun 25 13:29 ..
-rw-r--r-- 1 bogdan bogdan 2049 iun 25 13:29 ca.conf
-rw-r--r-- 1 bogdan bogdan 1048 iun 25 13:29 README
-rw-r--r-- 1 bogdan bogdan 1127 iun 25 13:29 request.conf
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 rootCA
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 user
-rw-r--r-- 1 bogdan bogdan  591 iun 25 13:29 user.conf

/tmp/opensips_test/etc/opensips/tls/rootCA:
total 28
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 .
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:29 ..
-rw-r--r-- 1 bogdan bogdan 1338 iun 25 13:29 cacert.pem
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 certs
-rw-r--r-- 1 bogdan bogdan  135 iun 25 13:29 index.txt
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 private
-rw-r--r-- 1 bogdan bogdan    3 iun 25 13:30 serial

/tmp/opensips_test/etc/opensips/tls/rootCA/certs:
total 12
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 .
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 ..
-rw-r--r-- 1 bogdan bogdan 3023 iun 25 13:30 01.pem

/tmp/opensips_test/etc/opensips/tls/rootCA/private:
total 12
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 .
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:30 ..
-rw-r--r-- 1 bogdan bogdan 1834 iun 25 13:30 cakey.pem

/tmp/opensips_test/etc/opensips/tls/user:
total 24
drwxrwxr-x 2 bogdan bogdan 4096 iun 25 13:30 .
drwxrwxr-x 4 bogdan bogdan 4096 iun 25 13:29 ..
-rw-r--r-- 1 bogdan bogdan 1338 iun 25 13:30 user-calist.pem
-rw-r--r-- 1 bogdan bogdan 3023 iun 25 13:30 user-cert.pem
-rw-r--r-- 1 bogdan bogdan  530 iun 25 13:30 user-cert_req.pem
-rw-r--r-- 1 bogdan bogdan  526 iun 25 13:30 user-privkey.pem

All the TLS files seems to be in place. For 2.1 there is no specificswitch for TLS, it is by default present, there is not need for extraoptions or env variables. Just to "make install"


Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com

On 25.06.2015 03:03, Nabeel wrote:

I just installed version 1.11.5 of OpenSIPS and this version does haveall the TLS files included. I should have downloaded this version allalong because version 2.1 clearly needs to be fixed.

On 25 June 2015 at 00:36, Nabeel <[email protected]<mailto:[email protected]>> wrote:


    Where are the 'example' openssl certificates as mentioned in the
    link above?  In the source files folder, there is no /etc/tls
    folder, and there are no example certificates in the
    [source]/examples folder either.

    On 25 June 2015 at 00:26, Nabeel <[email protected]
    <mailto:[email protected]>> wrote:

        I tried installing OpenSIPS two more times, once through the
        menuconfig interface with TLS enabled, and another time with
        "TLS=1 make install" command.  Both times, the
        /etc/opensips/tls directory only has empty directories, with
        no files inside.  The following directories are created with
        no files inside:

        [installdirectory]/etc/opensips/tls
        [installdirectory]/etc/opensips/tls/rootCA
        [installdirectory]/etc/opensips/tls/user
        [installdirectory]/etc/opensips/tls/rootCA/certs
        [installdirectory]/etc/opensips/tls/rootCA/private

        All these directories are empty?  Is this normal?

        At the following link I see someone refer to an OpenSIPS
        source which has tls included "opensips-1.9.1-tls".  Is this a
        specific source tarball with TLS enabled?  Is there one for
        version 2.1?

        
https://github.com/antonraharja/book-opensips-101/blob/master/content/3.2.%20SIP%20TLS%20Secure%20Calling.mediawiki



        On 24 June 2015 at 15:30, Bogdan-Andrei Iancu
        <[email protected] <mailto:[email protected]>> wrote:

            Hi,

            What OpenSIPS version do you have ? also, note that you
            need also to install OpenSIPS with the TLS option on,
            otherwise the tls directory will not be created.

            Regards,

            Bogdan-Andrei Iancu
            OpenSIPS Founder and Developer
            http://www.opensips-solutions.com

            On 24.06.2015 17:14, Nabeel wrote:


            # opensipsctl tls rootCA
            ERROR: root CA config file
            (/usr/local//etc/opensips//tls/ca.conf) does not exist

            In fact,  that whole tls directory is empty,  even though
            my OpenSIPS instance has been compiled with tls support.
            Where can I download the CA files?



            _______________________________________________
            Users mailing list
            [email protected]  <mailto:[email protected]>
            http://lists.opensips.org/cgi-bin/mailman/listinfo/users

_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] root CA config file (/usr/local//etc/opensips//tls/ca.conf) does not exist

Reply via email to