Hi, Daniel!
It seems you are missing the some certificates in the trust chanin, most
likely the Root CA of Microsoft Azure RSA TLS. Make sure you have the
entire chain in your CA list.
Best regards,
Răzvan Crainea
OpenSIPS Core Developer / SIPhub CTO
http://www.opensips-solutions.com / https://www.siphub.com
On 10/29/24 6:02 PM, Daniel Cogo De Vargas wrote:
Hi Everyone,
I have problem with Opensips 3.2 and MS Teams.
I´m used the certify and private key generated from Go Daddy.
I´m check the files and are OK. The extensions SIP register with TLS mode
and make call. But when I try receive a call from MS Teams show the
message
error:
NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
NOTICE:tls_wolfssl:verify_callback: subject =
/C=US/ST=WA/L=Redmond/O=Microsoft Corporation/CN=
sip.pstnhub.microsoft.com
NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
NOTICE:tls_wolfssl:verify_callback: verify error: certificate verify
failed
[error=-188]
ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
52.114.132.46:25236 failed to accept
ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
certificate
verify failed
ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
Can you help me with this log?
Best Regards,
Daniel Cogo
Hi Everyone,
I have problem with Opensips 3.2 and MS Teams.
I´m used the certify and private key generated from Go Daddy.
I´m check the files and are OK. The extensions SIP register with TLS
mode and make call. But when I try receive a call from MS Teams show the
message error:
NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
NOTICE:tls_wolfssl:verify_callback: subject = /C=US/ST=WA/L=Redmond/
O=Microsoft Corporation/CN=sip.pstnhub.microsoft.com <http://
sip.pstnhub.microsoft.com/>
NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
NOTICE:tls_wolfssl:verify_callback: verify error: certificate verify
failed [error=-188]
ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
52.114.132.46:25236 <http://52.114.132.46:25236/> failed to accept
ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
certificate verify failed
ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
Can you help me with this log?
Best Regards,
Daniel Cogo
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Hi.
Thank you for answer Razvan.
I used the files fullchain.crt, simple.key and gd_bundle.crt. Is the
referenced file another?
Example in opensips.cfg:
modparam("tls_mgm","certificate", "[default]/etc/opensips/tls/user-
cert/fullchain.crt")
modparam("tls_mgm","private_key", "[default]/etc/opensips/tls/user-
cert/simple.key")
modparam("tls_mgm","ca_list", "[default]/etc/opensips/tls/user-cert/
gd_bundle.crt")
Best Regards,
Daniel Cogo
Em qua., 30 de out. de 2024 às 04:58, Răzvan Crainea
<raz...@opensips.org <mailto:raz...@opensips.org>> escreveu:
Hi, Daniel!
It seems you are missing the some certificates in the trust
chanin, most
likely the Root CA of Microsoft Azure RSA TLS. Make sure you have the
entire chain in your CA list.
Best regards,
Răzvan Crainea
OpenSIPS Core Developer / SIPhub CTO
http://www.opensips-solutions.com <http://www.opensips-
solutions.com> / https://www.siphub.com <https://www.siphub.com>
On 10/29/24 6:02 PM, Daniel Cogo De Vargas wrote:
> Hi Everyone,
>
> I have problem with Opensips 3.2 and MS Teams.
>
> I´m used the certify and private key generated from Go Daddy.
>
> I´m check the files and are OK. The extensions SIP register with
TLS mode
> and make call. But when I try receive a call from MS Teams show
the message
> error:
>
> NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
> NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
> NOTICE:tls_wolfssl:verify_callback: subject =
> /C=US/ST=WA/L=Redmond/O=Microsoft Corporation/
CN=sip.pstnhub.microsoft.com <http://sip.pstnhub.microsoft.com>
> NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
> Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
> NOTICE:tls_wolfssl:verify_callback: verify error: certificate
verify failed
> [error=-188]
> ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
> 52.114.132.46:25236 <http://52.114.132.46:25236> failed to accept
> ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
certificate
> verify failed
> ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
>
> Can you help me with this log?
>
> Best Regards,
> Daniel Cogo
>
>
> Hi Everyone,
>
> I have problem with Opensips 3.2 and MS Teams.
>
> I´m used the certify and private key generated from Go Daddy.
>
> I´m check the files and are OK. The extensions SIP register with
TLS
> mode and make call. But when I try receive a call from MS Teams
show the
> message error:
>
> NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
> NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
> NOTICE:tls_wolfssl:verify_callback: subject = /C=US/ST=WA/
L=Redmond/
> O=Microsoft Corporation/CN=sip.pstnhub.microsoft.com <http://
sip.pstnhub.microsoft.com> <http://
> sip.pstnhub.microsoft.com/ <http://sip.pstnhub.microsoft.com/>>
> NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
> Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
> NOTICE:tls_wolfssl:verify_callback: verify error: certificate
verify
> failed [error=-188]
> ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
> 52.114.132.46:25236 <http://52.114.132.46:25236>
<http://52.114.132.46:25236/ <http://52.114.132.46:25236/>> failed
to accept
> ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
> certificate verify failed
> ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
>
> Can you help me with this log?
>
> Best Regards,
> Daniel Cogo
>
> _______________________________________________
> Users mailing list
> Users@lists.opensips.org <mailto:Users@lists.opensips.org>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
<http://lists.opensips.org/cgi-bin/mailman/listinfo/users>
_______________________________________________
Users mailing list
Users@lists.opensips.org <mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users <http://
lists.opensips.org/cgi-bin/mailman/listinfo/users>
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
