Hi, In a production environment, the below error is seen. The TLS handshake is fine and messages are being exchanged as seen from pcap and when one of the TCP message is read,
2018-05-11T11:24:05.000-04:00 [local2] [err] ffd-alpha-zone1-ccm1.ipc.com /usr/sbin/opensipsInternal[10325]: ERROR:core:_tls_read: TLS connection to 10.204.34.62:52094 read failed 2018-05-11T11:24:05.000-04:00 [local2] [err] ffd-alpha-zone1-ccm1.ipc.com /usr/sbin/opensipsInternal[10325]: ERROR:core:_tls_read: TLS read error: 1 2018-05-11T11:24:05.000-04:00 [local2] [err] ffd-alpha-zone1-ccm1.ipc.com /usr/sbin/opensipsInternal[10325]: ERROR:core:tls_print_errstack: TLS errstack: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned This error is seen. TLS read error: 1 indicates SSL_ERROR_SSL. Checking the pcap for success and failure case, they are no abnormalities. It fails for only one user randomly. Today in our test it failed twice with the same error when reading a TLS packet. TLS session establishment is fine. Any pointers would really help. Thanks, Rajeshkumar Govindaraj Software Engineer 777 Commerce Drive, Fairfield, CT-06825 T +1 201 253 7803 * M +1 475 439 9918 * E rajesh.govinda...@ipc.com<mailto:rajesh.govinda...@ipc.com> Follow us on twitter: @ipc_Systems_Inc www.ipc.com<http://www.ipc.com/> [cid:image006.jpg@01D1940F.3E021840] DISCLAIMER: This e-mail may contain information that is confidential, privileged or otherwise protected from disclosure. If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error. Unintended recipients are prohibited from taking action on the basis of information in this e-mail. E-mail messages may contain computer viruses or other defects, may not be accurately replicated on other systems, or may be intercepted, deleted or interfered with without the knowledge of the sender or the intended recipient. If you are not comfortable with the risks associated with e-mail messages, you may decide not to use e-mail to communicate with IPC. IPC reserves the right, to the extent and under circumstances permitted by applicable law, to retain, monitor and intercept e-mail messages to and from its systems.
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users
