Hi everyone,
I'm trying to integrate Ms Teams and Opensips and I'm having some problems.
I tried to use self signed and Letsencrypt certificates, with no success. I
always receive a ''no TLS client domain found'.
/usr/sbin/opensips[505412]: ERROR:proto_tls:proto_tls_conn_init: no TLS
client domain found
/usr/sbin/opensips[505412]: ERROR:core:tcp_conn_create: failed to do proto
3 specific init for conn 0x7f7220f343b0
/usr/sbin/opensips[505412]: ERROR:core:tcp_async_connect: tcp_conn_create
failed
Here my opensips.cfg:
loadmodule "tls_mgm.so"
/*#first the server domain */
modparam("tls_mgm", "server_domain", "default")
modparam("tls_mgm", "certificate", "[default]/etc/letsencrypt/live/
sbc.mydomain.com/fullchain.pem")
modparam("tls_mgm", "private_key", "[default]/etc/letsencrypt/live/
sbc.mydomain.com/privkey.pem")
modparam("tls_mgm", "ca_list", "[default]/etc/letsencrypt/live/
sbc.mydomain.com/inter.pem")
modparam("tls_mgm", "match_sip_domain", "[default]sbc.mydomain.com")
modparam("tls_mgm", "verify_cert", "[default]0")
#modparam("tls_mgm", "require_cert", "[default]1")
#modparam("tls_mgm", "ciphers_list", "[default]AES128-SHA256:AES256-SHA")
modparam("tls_mgm", "tls_method", "[default]SSLv23")
# #and the client domain
modparam("tls_mgm", "client_domain", "client")
modparam("tls_mgm", "certificate", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/fullchain.pem")
modparam("tls_mgm", "private_key", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/privkey.pem")
modparam("tls_mgm", "ca_list", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/inter.pem")
#modparam("tls_mgm", "ca_dir", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/")
modparam("tls_mgm", "match_sip_domain", "[client]sbc.mydomain.com")
modparam("tls_mgm", "verify_cert", "[client]0")
# modparam("tls_mgm", "require_cert", "[client]1")
# modparam("tls_mgm", "ciphers_list", "[client]AES128-SHA256:AES256-SHA")
modparam("tls_mgm", "tls_method", "[client]SSLv23")
I also changed the certificates, using self signed in "server domain" only
or "client domain" only. Same result.
Using the openssl the verify the certificates, I receive a OK in console:
fullchain.pem: OK
The inter.pem is the file with the root and intermediate Letsencrypt
certificates.
On the Ms Teams side, I checked the FQDN used, checked the firewall ports
etc.
I followed this tutorial:
https://blog.opensips.org/2019/09/16/opensips-as-ms-teams-sbc/ , so I'm
using the Dynamic Routing module to send the OPTIONS packet. The opensips
start the communication using TLS, I see the packets using TLS in 5061
port, but when Opensips will answer, this message appears on the console
and the connection is closed.
/usr/sbin/opensips[505398]: ERROR:tm:t_uac: attempt to send to 'sip:
sip.pstnhub.microsoft.com' failed
/usr/sbin/opensips[505398]: ERROR:proto_tls:proto_tls_conn_init: no TLS
client domain found
/usr/sbin/opensips[505398]: ERROR:core:tcp_conn_create: failed to do proto
3 specific init for conn 0x7f7220f4df40
What I'm not seeing? Did someone pass through this problem?
Best regards
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
