TBH, all I can see in the logs you sent is that a connection was
terminated (without even being started), and a connection that was
started, but closed by the client. So in order to understand what's
happening, you need to understand why the client is closing the
connection. Check logs, documentation, anything, but this doesn't seem
to be related to OpenSIPS, it looks like some SSL misconfiguration.
Best regards,
Răzvan
On 6/26/19 4:24 PM, Sasmita Panda wrote:
Is there any update on this issue . How I can solve this error message
from my opensips logs .
*/Thanks & Regards/*
/Sasmita Panda/
/Senior Network Testing and Software Engineer/
/3CLogic , ph:07827611765/
On Tue, Jun 25, 2019 at 3:48 PM Sasmita Panda <spa...@3clogic.com
<mailto:spa...@3clogic.com>> wrote:
I have tried to take ssldump in the webrtc server in run time .
New TCP connection #19: 192.168.1.y(48530) <-> 192.168.0.x(443)
19 0.0011 (0.0011) C>S TCP FIN
19 0.0013 (0.0001) S>C TCP FIN
New TCP connection #20: 192.168.0.y(52975) <-> 192.168.0.x(443)
20 1 0.0006 (0.0006) C>S Handshake ClientHello
20 2 0.0008 (0.0002) S>C Handshake ServerHello
20 3 0.0008 (0.0000) S>C Handshake Certificate
20 4 0.0008 (0.0000) S>C Handshake ServerHelloDone
20 5 0.0020 (0.0011) C>S Handshake ClientKeyExchange
20 6 0.0020 (0.0000) C>S ChangeCipherSpec
20 7 0.0020 (0.0000) C>S Handshake
20 8 0.0036 (0.0015) S>C Handshake20 9 0.0036 (0.0000) S>C
ChangeCipherSpec
20 10 0.0036 (0.0000) S>C Handshake
20 11 0.0042 (0.0006) C>S Alert
20 0.0042 (0.0000) C>S TCP FIN
20 0.0043 (0.0000) S>C TCP FIN
The portion I marked in red whenever appear there is error in
opensips logs . For below portion the connection was accepted .
I am not even getting any error in my browser side . How I will
debug this ? please help .
*/Thanks & Regards/*
/Sasmita Panda/
/Senior Network Testing and Software Engineer/
/3CLogic , ph:07827611765/
On Fri, Jun 14, 2019 at 2:51 PM Callum Guy <callum....@x-on.co.uk
<mailto:callum....@x-on.co.uk>> wrote:
You might find that a tcpdump is the only way to get to grips
with the underlying issue.
Having said that I wonder if there is any chance that the
connection isn't accepting simply due to a cipher
incompatibility. Are you setting a cipher list that you know
your clients accept? Maybe try:
modparam("tls_mgm", "ciphers_list",
"AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,CAMELLIA256-SHA,AES128-SHA,CAMELLIA128-SHA,RC4-SHA")
On Fri, 14 Jun 2019 at 09:17, Sasmita Panda <spa...@3clogic.com
<mailto:spa...@3clogic.com>> wrote:
I had a dedicated server for 1 Client . When that client
faces the issue I started looking into the logs . And this
is what the error I got .
but latter on when I saw other servers which is getting used
by different client in that logs also same error coming
everyday .
As a conclusion its happening with everybody .
Below is the configuration .
modparam("tls_mgm", "tls_method", "tlsv1_2")
modparam("tls_mgm", "verify_cert", "0")
modparam("tls_mgm", "require_cert", "0")
modparam("tls_mgm", "certificate",
"/usr/etc/opensips/tls/3ccloudwebrtc2019.crt")
modparam("tls_mgm", "private_key",
"/usr/etc/opensips/tls/3ccloud.key")
modparam("tls_mgm", "ca_list",
"/usr/etc/opensips/tls/rootCA/cacert.pem")
*/Thanks & Regards/*
/Sasmita Panda/
/Senior Network Testing and Software Engineer/
/3CLogic , ph:07827611765/
On Thu, Jun 13, 2019 at 6:50 PM Răzvan Crainea
<raz...@opensips.org <mailto:raz...@opensips.org>> wrote:
Can you trace the SSL traffic between the two endpoints?
Perhaps the SSL
header give you a reason for not accepting the connection.
Is this happening only for certain clients, or for everyone?
Are you requiring any certificates validation?
Best regards,
Răzvan
On 6/12/19 3:34 PM, Sasmita Panda wrote:
> I am using opensips 2.2
> version: opensips 2.2.4 (x86_64/linux)
>
> I am using the proto_wss and tls_mgm module for
establishing websocket
> connection .
>
> I am getting bellow error again and again . Whats the
reson behind this
> and how can I solve this problem ?
>
>
> Jun 10 00:00:15 localhost /usr/sbin/opensips[1548]:
> INFO:core:probe_max_sock_buff: using snd buffer of 416 kb
> Jun 10 00:00:15 localhost /usr/sbin/opensips[1548]:
> INFO:core:init_sock_keepalive: TCP keepalive enabled
on socket 96
> Jun 10 00:00:15 localhost /usr/sbin/opensips[1546]:
> ERROR:proto_wss:tls_accept: New TLS connection from
192.168.160.6:58616 <http://192.168.160.6:58616>
> <http://192.168.160.6:58616> failed to accept
> Jun 10 00:00:15 localhost /usr/sbin/opensips[1546]:
> ERROR:proto_wss:wss_read_req: cannot fix read connection
> Jun 10 00:00:17 localhost /usr/sbin/opensips[1548]:
> INFO:core:probe_max_sock_buff: using snd buffer of 416 kb
> Jun 10 00:00:17 localhost /usr/sbin/opensips[1548]:
> INFO:core:init_sock_keepalive: TCP keepalive enabled
on socket 96
> Jun 10 00:00:17 localhost /usr/sbin/opensips[1546]:
> ERROR:proto_wss:tls_accept: New TLS connection from
192.168.175.59:12918 <http://192.168.175.59:12918>
> <http://192.168.175.59:12918> failed to accept
> Jun 10 00:00:17 localhost /usr/sbin/opensips[1546]:
> ERROR:proto_wss:wss_read_req: cannot fix read connection
>
>
> Please do help .
>
>
>
> */Thanks & Regards/*
> /Sasmita Panda/
> /Senior Network Testing and Software Engineer/
> /3CLogic , ph:07827611765/
>
> _______________________________________________
> Users mailing list
> Users@lists.opensips.org
<mailto:Users@lists.opensips.org>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
--
Răzvan Crainea
OpenSIPS Core Developer
http://www.opensips-solutions.com
_______________________________________________
Users mailing list
Users@lists.opensips.org <mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org <mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
*^0333 332 0000 | www.x-on.co.uk <http://www.x-on.co.uk> |
_**_^<https://www.linkedin.com/company/x-on>
<https://www.facebook.com/XonTel> <https://twitter.com/xonuk> *
X-on is a trading name of Storacall Technology Ltd a limited
company registered in England and Wales.
Registered Office : Avaland House, 110 London Road, Apsley,
Hemel Hempstead, Herts, HP3 9SD. Company Registration No. 2578478.
The information in this e-mail is confidential and for use by
the addressee(s) only. If you are not the intended recipient,
please notify X-on immediately on +44(0)333 332 0000 and delete the
message from your computer. If you are not a named addressee you
must not use, disclose, disseminate, distribute, copy, print or
reply to this email. Views or opinions expressed by an individual
within this email may not necessarily reflect the views of X-on
or its associated companies. Although X-on routinely screens for
viruses, addressees should scan this email and any attachments
for viruses. X-on makes no representation or warranty as to the
absence of viruses in this email or any attachments.
_______________________________________________
Users mailing list
Users@lists.opensips.org <mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
--
Răzvan Crainea
OpenSIPS Core Developer
http://www.opensips-solutions.com
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users