[OpenSER-Users] UA Cant Connect To TLS

Wed Mar 26 14:06:31 CET 2008

Hi Ali,

but the script you listed doesn't seam to be related to REGISTER 
processing....for a GW forwarding.

Regards,
Bogdan

Ali Jawad wrote:
> Hi Bodgan 
> Thank you for your help
>
> I had the following "now commented" statement in route[1]
>
> route[1] {
>
>     xlog("L_INFO","rewritehostport to VOIP_GW:5060");
> ##      Removed On 1.36 25 03 08
> ##      sethostport("xx.xx.xx.xx:5060");
>
>         if (subst_uri('/(sip:.*);nat=yes/\1/')){
>                 setbflag(6);
>         };
>
>         if (isflagset(5)||isbflagset(6)) {
>                 route(3);
>         }
>
>         if (!t_relay()) {
>                 sl_reply_error();
>         };
>         exit;
> }
>
>
> I commented it out as you can see now I cant login either but I am
> getting these errors 
>
> Forbidden and Unauthorized
>
>
> Another thing I would like to mention is that it worked with non TLS
> clients using the previous setups.
>
> Thx for your help so far.
> -----Original Message-----
> From: Bogdan-Andrei Iancu [mailto:bogdan at voice-system.ro] 
> Sent: Tuesday, March 25, 2008 1:02 PM
> To: Ali Jawad
> Cc: users at lists.openser.org
> Subject: Re: [OpenSER-Users] UA Cant Connect To TLS
>
> Hi Ali,
>
> The REGISTER gets to the server and it is processed by the routing 
> script - your script tries to relay the request to another destination:
> Mar 19 12:04:42 [29280] DBG:tm:t_relay_to: new transaction fwd'ed
>
> I would say the problem is on the cfg script and not in TLS part.
>
> Regards,
> Bogdan
>
> Ali Jawad wrote:
>   
>> Hi All
>>
>> My UA cant connect to tls on my openser server, as per logs everything
>>     
>
>   
>> seems fine ..I don't know why it disconnects in the end ..the log is 
>> http://java.pastebin.ca/948774
>>
>> My TLS settings are
>>
>> /* uncomment the following lines to enable TLS support (default off)
>>     
> */
>   
>> #disable_tls = yes
>>
>> disable_tls = no
>>
>> listen = tls:xx.xx.x.xx.x
>>
>> tls_verify_server = 1
>>
>> tls_verify_client = 1
>>
>> tls_require_client_certificate = 0
>>
>> tls_method = TLSv1
>>
>> #tls_certificate = "/usr/local/eyeball/license/cert.pem"
>>
>> #tls_private_key = "/usr/local/eyeball/license/privkey.pem"
>>
>> #tls_ca_list = "/usr/local/eyeball/license/splendor3.crtpvk.pem"
>>
>> tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
>>
>> tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
>>
>> tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
>>
>> #port=5060
>>
>> /* uncomment and configure the following line if you want openser to
>>
>> bind on a specific interface/port/proto (default bind on all
>>     
> available) */
>   
>> listen=udp:87.236.144.13:5060
>>
>> #listen=tcp:87.236.144.12:5060
>>
>> sip_warning=yes
>>
>>
>>     
> ------------------------------------------------------------------------
>   
>> _______________________________________________
>> Users mailing list
>> Users at lists.openser.org
>> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>>   
>>     
>
>
>   