Re: [OpenSIPS-Users] wss and tls

Tue, 03 Jan 2023 10:59:22 -0800 

Hi,
Check with tcpdump to see what happens at TCP layer - it may be the client closing the conn while opensips is performing the accept. 

Regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  https://www.opensips-solutions.com
OpenSIPS Bootcamp 5-16 Dec 2022, online
  https://www.opensips.org/training/OpenSIPS_eBootcamp_2022/

On 12/15/22 6:35 PM, nutxase via Users wrote:

Hi All


I am trying to get tls working with my letsencrypt cert but i keep 
getting this error


ERROR:tls_openssl:openssl_tls_accept: SSL_ERROR_SYSCALL err=Success(0)

ERROR:tls_openssl:openssl_tls_accept: New TLS connection from 
xxxx:47817 failed to accept
Dec 15 16:32:54 [localhost] /usr/sbin/opensips[4373]: 
ERROR:proto_wss:wss_read_req: cannot fix read connection


my config is as follows
loadmodule "tls_openssl.so"

modparam("tls_mgm", "server_domain", "sip")
modparam("tls_mgm", "ca_list", "[sip]/etc/letsencrypt/fullchain.pem")
modparam("tls_mgm", "certificate", "[sip]/etc/opensips/tls/cert.pem")
modparam("tls_mgm", "private_key", "[sip]/etc/opensips/tls/ckey.pem")
modparam("tls_mgm", "require_cert", "[sip]0")
modparam("tls_mgm", "tls_method", "[sip]TLSv1")
modparam("tls_mgm", "verify_cert", "[sip]0")
modparam("tls_mgm", "match_sip_domain", "[sip]*")
modparam("tls_mgm", "match_ip_address", "[sip]*")

modparam("tls_mgm", "client_domain", "sip1")
modparam("tls_mgm", "ca_list", "[sip1]/etc/letsencrypt/fullchain.pem")
modparam("tls_mgm", "certificate", "[sip1]/etc/opensips/tls/cert.pem")
modparam("tls_mgm", "private_key", "[sip1]/etc/opensips/tls/ckey.pem")
modparam("tls_mgm", "require_cert", "[sip1]0")
modparam("tls_mgm", "tls_method", "[sip1]TLSv1")
modparam("tls_mgm", "verify_cert", "[sip1]0")
modparam("tls_mgm", "match_sip_domain", "[sip]*")
modparam("tls_mgm", "match_ip_address", "[sip]*")

loadmodule "proto_wss.so"
modparam("proto_wss", "require_origin", no)
loadmodule "proto_ws.so"
modparam("proto_ws", "require_origin", no)

i have tried wolfssl aswell
any ideas :(


Sent with Proton Mail <https://proton.me/> secure email.

_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users






















					Reply via email to