Dear Bogdan-Andrei Iancu, Thank you for the reply.
In fact I re-do the CA generation by following the Opensips TLS setting document (https://opensips.org/html/docs/tutorials/tls-1.4.x). From the request.conf I confirm that “default_md” is set to “sha1”. After I recopy the tls folder to the location /etc/opensips/tls and restart opensips service, it still shows the error message. As for the log message, I like to check with you, if the previous three tls_mgm notice which tell some strange message that create such problem? Regards Wilson Wang May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: NOTICE:tls_mgm:init_tls_dom: No EC curve defined May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: INFO:tls_mgm:get_ssl_ctx_verify_mode: client verification activated. Client certificates are NOT mandatory. May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: NOTICE:tls_mgm:init_tls_dom: no CA dir for tls 'default' defined, using default '/etc/pki/CA/' May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: NOTICE:tls_mgm:init_tls_dom: no crl for tls, using none May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: ERROR:tls_mgm:tls_print_errstack: TLS errstack: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: ERROR:tls_mgm:load_certificate: unable to load certificate file '/etc/opensips/tls/user/user-cert.pem' May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'default' May 26 11:49:23 wilson-VirtualBox /usr/local/opensips/sbin/opensips[5103]: ERROR:core:init_mod: failed to initialize module tls_mgm
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
