[OpenSIPS-Users] why tls not enable
Bogdan-Andrei Iancu
bogdan at opensips.org
Tue Jan 12 09:45:06 CET 2016
Hi,
Try to manually start "opensips -f /path/to/opensips.cfg"
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 12.01.2016 08:56, chiu ching cheng wrote:
> Hello Bogdan:
>
> I am start up opensips with "opensipsctl start " , and no "-f"
> parameter . In my impression , it would inspect opensips.cfg
> configuration for opensipsctl script .
>
> On Mon, Jan 11, 2016 at 6:06 PM, Bogdan-Andrei Iancu
> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>
> Hi,
>
> I do not contest the correctness of your cfg, but I'm simply
> asking if you are 100% sure that your opensips is using the
> correct opensips.cfg file ( be sure by explicitly pointing the
> file via "-f" startup option).
>
> Regards,
>
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developer
> http://www.opensips-solutions.com
>
> On 11.01.2016 03:46, chiu ching cheng wrote:
>> ----------------------------------------------------
>> openssips.cfg
>>
>> listen=tls:X.X.X.X:5061 # CUSTOMIZE ME
>> rev_dns=no
>>
>> advertised_address="X.X.X.X"
>> alias=X.X.X.X
>>
>>
>> loadmodule "proto_udp.so"
>>
>>
>> loadmodule "proto_tls.so"
>> modparam("proto_tls","verify_cert", "0")
>> modparam("proto_tls","require_cert", "0")
>> modparam("proto_tls","tls_method", "TLSv1")
>> modparam("proto_tls", "ciphers_list", "NULL")
>> modparam("proto_tls","certificate",
>> "/usr/local/etc/opensips/tls/user/user-cert.pem")
>> modparam("proto_tls","private_key",
>> "/usr/local/etc/opensips/tls/user/user-privkey.pem")
>> modparam("proto_tls","ca_list",
>> "/usr/local/etc/opensips/tls/user/user-calist.pem")
>>
>>
>> On Fri, Jan 8, 2016 at 11:39 PM, Bogdan-Andrei Iancu
>> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>
>> Hi,
>>
>> Are you sure your opensips is using the proper config file
>> (where the TLS interface is defined) ?
>>
>> Regards,
>>
>> Bogdan-Andrei Iancu
>> OpenSIPS Founder and Developer
>> http://www.opensips-solutions.com
>>
>> On 08.01.2016 12:06, chiu ching cheng wrote:
>>> Dear Bordan :
>>>
>>> netstat -lnp | grep opensips
>>> udp 0 0 127.0.0.1:5060 <http://127.0.0.1:5060>
>>> 0.0.0.0:* 1365/opensips
>>>
>>> you can find opensips is run , but just enable udp , not tls
>>>
>>> On Wed, Jan 6, 2016 at 5:24 PM, Bogdan-Andrei Iancu
>>> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>>
>>> Try
>>>
>>> "netstat -lnp | grep opensips"
>>>
>>> Regards,
>>>
>>> Bogdan-Andrei Iancu
>>> OpenSIPS Founder and Developer
>>> http://www.opensips-solutions.com
>>>
>>> On 06.01.2016 04:26, chiu ching cheng wrote:
>>>> Dear Bogdan:
>>>>
>>>> thanks your reply , but as following , the sip udp is
>>>> enable , opensips is enable ,and log no error . but tls
>>>> not enable
>>>>
>>>> I ever install another opensips server which is behind
>>>> the firewall and tls work fine , but this server is one
>>>> interface public ip , one interface private , I just
>>>> config one public ip . I don't know if this caused
>>>> failure ( opensips at lease need two ip ?) .
>>>>
>>>> thanks !
>>>>
>>>> root at 125-227-130-1:~# netstat -tuln | grep 5061
>>>> tcp 0 0 0.0.0.0:25061
>>>> <http://0.0.0.0:25061> 0.0.0.0:* LISTEN
>>>> root at 125-227-130-1:~# netstat -tuln | grep 5060
>>>> tcp 0 0 0.0.0.0:25060
>>>> <http://0.0.0.0:25060> 0.0.0.0:* LISTEN
>>>> udp 0 0 127.0.0.1:5060
>>>> <http://127.0.0.1:5060> 0.0.0.0:*
>>>> root at 125-227-130-1:~# ps auxw | grep opensips
>>>> root 1466 0.0 0.0 70052 4248 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1467 0.0 0.0 70056 892 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1468 0.4 0.0 70052 464 ? S 10:12
>>>> 0:01 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1469 0.0 0.0 70052 464 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1470 0.0 0.0 70052 656 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1471 0.0 0.0 70052 656 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1472 0.0 0.0 70052 656 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1473 0.0 0.0 70052 896 ? S 10:12
>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>> root 1731 0.0 0.0 11744 924 pts/0 R+ 10:18
>>>> 0:00 grep --color=auto opensips
>>>>
>>>> On Tue, Jan 5, 2016 at 9:54 PM, Bogdan-Andrei Iancu
>>>> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>>>
>>>> Hi,
>>>>
>>>> Are you sure opensips is actually started ? check
>>>> logs file for error or do "ps auxw | grep opensips"
>>>>
>>>> Regards,
>>>>
>>>> Bogdan-Andrei Iancu
>>>> OpenSIPS Founder and Developer
>>>> http://www.opensips-solutions.com
>>>>
>>>> On 28.12.2015 11:19, chiu ching cheng wrote:
>>>>> Dear man :
>>>>>
>>>>> I install opensips 2.1.1 . It's seems ok . But I
>>>>> find tls service not start . why ? It's strange .
>>>>> Any one can give a explain . Thanks .
>>>>>
>>>>>
>>>>>
>>>>> lsb_release -a
>>>>> No LSB modules are available.
>>>>> Distributor ID:Ubuntu
>>>>> Description:Ubuntu 14.04.1 LTS
>>>>> Release:14.04
>>>>> Codename:trusty
>>>>> ------------------------------------------------------
>>>>> opensipsctl restart
>>>>>
>>>>> INFO: Restarting OpenSIPS :
>>>>> INFO: stopped
>>>>>
>>>>> INFO: Starting OpenSIPS :
>>>>> INFO: started (pid: 2706)
>>>>>
>>>>> ----------------------------------------------------
>>>>> openssips.cfg
>>>>>
>>>>> listen=tls:X.X.X.X:5061 # CUSTOMIZE ME
>>>>> rev_dns=no
>>>>>
>>>>> advertised_address="X.X.X.X"
>>>>> alias=X.X.X.X
>>>>>
>>>>>
>>>>> loadmodule "proto_udp.so"
>>>>>
>>>>>
>>>>> loadmodule "proto_tls.so"
>>>>> modparam("proto_tls","verify_cert", "0")
>>>>> modparam("proto_tls","require_cert", "0")
>>>>> modparam("proto_tls","tls_method", "TLSv1")
>>>>> modparam("proto_tls", "ciphers_list", "NULL")
>>>>> modparam("proto_tls","certificate",
>>>>> "/usr/local/etc/opensips/tls/user/user-cert.pem")
>>>>> modparam("proto_tls","private_key",
>>>>> "/usr/local/etc/opensips/tls/user/user-privkey.pem")
>>>>> modparam("proto_tls","ca_list",
>>>>> "/usr/local/etc/opensips/tls/user/user-calist.pem")
>>>>>
>>>>> ----------------------------------------------------------------------------------------------------
>>>>>
>>>>> netstat -tuln | grep 5061
>>>>> tcp 0 0 0.0.0.0:25061 <http://0.0.0.0:25061>
>>>>> 0.0.0.0:* LISTEN
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> Users at lists.opensips.org
>>>>> <mailto:Users at lists.opensips.org>
>>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>
>>>>
>>>
>>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20160112/76959de1/attachment-0001.htm>
More information about the Users
mailing list