[OpenSIPS-Users] mediaproxy GNUTLSError: ASN1 parser: Error in DER parsing
samuel
samu60 at gmail.com
Tue Jul 10 10:51:13 CEST 2012
I finally found out what the problem was:
I had created the keys with password and it was not possible for mediaproxy
to use the .key file. Saving without password starts the application.
Aplogies for the noise,
Samuel.
On 9 July 2012 15:32, samuel <samu60 at gmail.com> wrote:
> Thanks for the reply but dependencies shall be solved installing
> mediaproxy with AGprojects repositories. Anyway I installed both packages
> and the error is still the same.
>
> Best regards,
> Samuel.
>
>
> On 9 July 2012 12:52, Chandrakant Solanki <solanki.chandrakant at gmail.com>wrote:
>
>> Hi
>>
>> Try to install gnutls 'n gnutls-devel
>>
>> On Mon, Jul 9, 2012 at 3:56 PM, samuel <samu60 at gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> I'm testing mediaproxy 2.5.2 on a debian 6.0 server and followed the
>>> simple install instructions from repositories. I created certificates using
>>> tinyCA changing the option in Netscape Certificate Type to "SSL Server, SSL
>>> Client" and load them on the server with the appropriate name (relay.crt,
>>> relay,key, ca.pem, and crl.pem)
>>>
>>> Installed software:
>>> ii mediaproxy-relay 2.5.2squeeze
>>> MediaProxy relay
>>> ii libgnutls26 2.8.6-1+squeeze2 the
>>> GNU TLS library - runtime library
>>> ii python-gnutls 1.2.4squeeze
>>> Python wrapper for the GNUTLS library
>>>
>>> Log output:
>>> ul 9 12:16:16 debian603 media-relay[12930]: Starting MediaProxy Relay
>>> 2.5.2
>>> Jul 9 12:16:17 debian603 media-relay[12930]: using set_wakeup_fd
>>> Jul 9 12:16:17 debian603 media-relay[12930]: Set resource limit for
>>> maximum open file descriptors to 11000
>>> Jul 9 12:16:17 debian603 media-relay[12930]: fatal error: failed to
>>> create MediaProxy Relay: ASN1 parser: Error in DER parsing.
>>> Jul 9 12:16:17 debian603 media-relay[12930]: Traceback (most recent
>>> call last):
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/bin/media-relay", line 103, in <module>
>>> Jul 9 12:16:17 debian603 media-relay[12930]: relay = MediaRelay()
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/mediaproxy/relay.py", line 319, in
>>> __init__
>>> Jul 9 12:16:17 debian603 media-relay[12930]: self.cred =
>>> X509Credentials(cert_name='relay')
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/mediaproxy/tls.py", line 132, in __init__
>>> Jul 9 12:16:17 debian603 media-relay[12930]:
>>> twisted.X509Credentials.__init__(self, self.X509cert, self.X509key,
>>> [self.X509ca], [self.X509crl])
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/mediaproxy/tls.py", line 99, in __get__
>>> Jul 9 12:16:17 debian603 media-relay[12930]: return descriptor.get()
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/mediaproxy/tls.py", line 82, in get
>>> Jul 9 12:16:17 debian603 media-relay[12930]: self.object =
>>> self.klass(f.read())
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File "<string>", line 1,
>>> in __init__
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/gnutls/validators.py", line 273, in
>>> check_args
>>> Jul 9 12:16:17 debian603 media-relay[12930]: return func(*func_args)
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/gnutls/crypto.py", line 213, in __init__
>>> Jul 9 12:16:17 debian603 media-relay[12930]:
>>> gnutls_x509_privkey_import(self._c_object, byref(data), format)
>>> Jul 9 12:16:17 debian603 media-relay[12930]: File
>>> "/usr/lib/python2.6/dist-packages/gnutls/library/errors.py", line 54, in
>>> check_status
>>> Jul 9 12:16:17 debian603 media-relay[12930]: raise
>>> GNUTLSError(ErrorMessage(retcode))
>>> Jul 9 12:16:17 debian603 media-relay[12930]: GNUTLSError: ASN1 parser:
>>> Error in DER parsing.
>>>
>>> I re-created the cert files to see whether there was some problem but
>>> they still show the same behaviour. Could it be any problem with GNUTLS
>>> version? Is there any special rule to create the certificate (I've created
>>> another one for opensips and the SIP server was able to read it)?
>>>
>>> Thanks in advance for any hint,
>>> Best regards,
>>> Samuel.
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>
>>
>> --
>> Regards,
>>
>> Chandrakant Solanki
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20120710/5c0901b6/attachment-0001.htm>
More information about the Users
mailing list