[OpenSIPS-Users] why tls not enable
Bogdan-Andrei Iancu
bogdan at opensips.org
Tue Jan 19 11:41:03 CET 2016
Hi ,
if you do "netstat -lnp | grep opensips" do you see the other 2 UDP
listeners ?
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 13.01.2016 03:30, chiu ching cheng wrote:
> Hello :Bordon
>
> Now "opensipsctl start " is ok , and
>
> opensips -f /usr/etc/opensips/opensips.cfg
>
> Listening on
> udp: 125.227.130.1 [125.227.130.1]:5060
> udp: 125.227.130.1 [125.227.130.1]:3478
> tls: 125.227.130.1 [125.227.130.1]:5061
> Aliases:
> *: 125.227.130.1:*
>
> But :~# netstat -tuln | grep 5061
> tcp 0 0 0.0.0.0:25061 <http://0.0.0.0:25061> 0.0.0.0:*
> LISTEN
>
> tls service not start
>
> On Tue, Jan 12, 2016 at 4:45 PM, Bogdan-Andrei Iancu
> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>
> Hi,
>
> Try to manually start "opensips -f /path/to/opensips.cfg"
>
> Regards,
>
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developer
> http://www.opensips-solutions.com
>
> On 12.01.2016 08:56, chiu ching cheng wrote:
>> Hello Bogdan:
>>
>> I am start up opensips with "opensipsctl start " , and no "-f"
>> parameter . In my impression , it would inspect opensips.cfg
>> configuration for opensipsctl script .
>>
>> On Mon, Jan 11, 2016 at 6:06 PM, Bogdan-Andrei Iancu
>> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>
>> Hi,
>>
>> I do not contest the correctness of your cfg, but I'm simply
>> asking if you are 100% sure that your opensips is using the
>> correct opensips.cfg file ( be sure by explicitly pointing
>> the file via "-f" startup option).
>>
>> Regards,
>>
>> Bogdan-Andrei Iancu
>> OpenSIPS Founder and Developer
>> http://www.opensips-solutions.com
>>
>> On 11.01.2016 03:46, chiu ching cheng wrote:
>>> ----------------------------------------------------
>>> openssips.cfg
>>>
>>> listen=tls:X.X.X.X:5061 # CUSTOMIZE ME
>>> rev_dns=no
>>>
>>> advertised_address="X.X.X.X"
>>> alias=X.X.X.X
>>>
>>>
>>> loadmodule "proto_udp.so"
>>>
>>>
>>> loadmodule "proto_tls.so"
>>> modparam("proto_tls","verify_cert", "0")
>>> modparam("proto_tls","require_cert", "0")
>>> modparam("proto_tls","tls_method", "TLSv1")
>>> modparam("proto_tls", "ciphers_list", "NULL")
>>> modparam("proto_tls","certificate",
>>> "/usr/local/etc/opensips/tls/user/user-cert.pem")
>>> modparam("proto_tls","private_key",
>>> "/usr/local/etc/opensips/tls/user/user-privkey.pem")
>>> modparam("proto_tls","ca_list",
>>> "/usr/local/etc/opensips/tls/user/user-calist.pem")
>>>
>>>
>>> On Fri, Jan 8, 2016 at 11:39 PM, Bogdan-Andrei Iancu
>>> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>>
>>> Hi,
>>>
>>> Are you sure your opensips is using the proper config
>>> file (where the TLS interface is defined) ?
>>>
>>> Regards,
>>>
>>> Bogdan-Andrei Iancu
>>> OpenSIPS Founder and Developer
>>> http://www.opensips-solutions.com
>>>
>>> On 08.01.2016 12:06, chiu ching cheng wrote:
>>>> Dear Bordan :
>>>>
>>>> netstat -lnp | grep opensips
>>>> udp 0 0 127.0.0.1:5060
>>>> <http://127.0.0.1:5060> 0.0.0.0:* 1365/opensips
>>>>
>>>> you can find opensips is run , but just enable udp ,
>>>> not tls
>>>>
>>>> On Wed, Jan 6, 2016 at 5:24 PM, Bogdan-Andrei Iancu
>>>> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>>>>
>>>> Try
>>>>
>>>> "netstat -lnp | grep opensips"
>>>>
>>>> Regards,
>>>>
>>>> Bogdan-Andrei Iancu
>>>> OpenSIPS Founder and Developer
>>>> http://www.opensips-solutions.com
>>>>
>>>> On 06.01.2016 04:26, chiu ching cheng wrote:
>>>>> Dear Bogdan:
>>>>>
>>>>> thanks your reply , but as following , the sip udp
>>>>> is enable , opensips is enable ,and log no error .
>>>>> but tls not enable
>>>>>
>>>>> I ever install another opensips server which is
>>>>> behind the firewall and tls work fine , but this
>>>>> server is one interface public ip , one interface
>>>>> private , I just config one public ip . I don't
>>>>> know if this caused failure ( opensips at lease
>>>>> need two ip ?) .
>>>>>
>>>>> thanks !
>>>>>
>>>>> root at 125-227-130-1:~# netstat -tuln | grep 5061
>>>>> tcp 0 0 0.0.0.0:25061 <http://0.0.0.0:25061>
>>>>> 0.0.0.0:* LISTEN
>>>>> root at 125-227-130-1:~# netstat -tuln | grep 5060
>>>>> tcp 0 0 0.0.0.0:25060 <http://0.0.0.0:25060>
>>>>> 0.0.0.0:* LISTEN
>>>>> udp 0 0 127.0.0.1:5060
>>>>> <http://127.0.0.1:5060> 0.0.0.0:*
>>>>> root at 125-227-130-1:~# ps auxw | grep opensips
>>>>> root 1466 0.0 0.0 70052 4248 ? S 10:12
>>>>> 0:00 /usr/local/sbin/opensips -P /var/run/opensips.pid
>>>>> root 1467 0.0 0.0 70056 892 ? S
>>>>> 10:12 0:00 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1468 0.4 0.0 70052 464 ? S
>>>>> 10:12 0:01 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1469 0.0 0.0 70052 464 ? S
>>>>> 10:12 0:00 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1470 0.0 0.0 70052 656 ? S
>>>>> 10:12 0:00 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1471 0.0 0.0 70052 656 ? S
>>>>> 10:12 0:00 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1472 0.0 0.0 70052 656 ? S
>>>>> 10:12 0:00 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1473 0.0 0.0 70052 896 ? S
>>>>> 10:12 0:00 /usr/local/sbin/opensips -P
>>>>> /var/run/opensips.pid
>>>>> root 1731 0.0 0.0 11744 924 pts/0 R+ 10:18
>>>>> 0:00 grep --color=auto opensips
>>>>>
>>>>> On Tue, Jan 5, 2016 at 9:54 PM, Bogdan-Andrei
>>>>> Iancu <bogdan at opensips.org
>>>>> <mailto:bogdan at opensips.org>> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> Are you sure opensips is actually started ?
>>>>> check logs file for error or do "ps auxw |
>>>>> grep opensips"
>>>>>
>>>>> Regards,
>>>>>
>>>>> Bogdan-Andrei Iancu
>>>>> OpenSIPS Founder and Developer
>>>>> http://www.opensips-solutions.com
>>>>>
>>>>> On 28.12.2015 11:19, chiu ching cheng wrote:
>>>>>> Dear man :
>>>>>>
>>>>>> I install opensips 2.1.1 . It's seems ok .
>>>>>> But I find tls service not start . why ? It's
>>>>>> strange . Any one can give a explain . Thanks .
>>>>>>
>>>>>>
>>>>>>
>>>>>> lsb_release -a
>>>>>> No LSB modules are available.
>>>>>> Distributor ID:Ubuntu
>>>>>> Description:Ubuntu 14.04.1 LTS
>>>>>> Release:14.04
>>>>>> Codename:trusty
>>>>>> ------------------------------------------------------
>>>>>> opensipsctl restart
>>>>>>
>>>>>> INFO: Restarting OpenSIPS :
>>>>>> INFO: stopped
>>>>>>
>>>>>> INFO: Starting OpenSIPS :
>>>>>> INFO: started (pid: 2706)
>>>>>>
>>>>>> ----------------------------------------------------
>>>>>> openssips.cfg
>>>>>>
>>>>>> listen=tls:X.X.X.X:5061 # CUSTOMIZE ME
>>>>>> rev_dns=no
>>>>>>
>>>>>> advertised_address="X.X.X.X"
>>>>>> alias=X.X.X.X
>>>>>>
>>>>>>
>>>>>> loadmodule "proto_udp.so"
>>>>>>
>>>>>>
>>>>>> loadmodule "proto_tls.so"
>>>>>> modparam("proto_tls","verify_cert", "0")
>>>>>> modparam("proto_tls","require_cert", "0")
>>>>>> modparam("proto_tls","tls_method", "TLSv1")
>>>>>> modparam("proto_tls", "ciphers_list", "NULL")
>>>>>> modparam("proto_tls","certificate",
>>>>>> "/usr/local/etc/opensips/tls/user/user-cert.pem")
>>>>>> modparam("proto_tls","private_key",
>>>>>> "/usr/local/etc/opensips/tls/user/user-privkey.pem")
>>>>>> modparam("proto_tls","ca_list",
>>>>>> "/usr/local/etc/opensips/tls/user/user-calist.pem")
>>>>>>
>>>>>> ----------------------------------------------------------------------------------------------------
>>>>>>
>>>>>> netstat -tuln | grep 5061
>>>>>> tcp 0 0 0.0.0.0:25061
>>>>>> <http://0.0.0.0:25061> 0.0.0.0:* LISTEN
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Users mailing list
>>>>>> Users at lists.opensips.org
>>>>>> <mailto:Users at lists.opensips.org>
>>>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20160119/57ad97d2/attachment-0001.htm>
More information about the Users
mailing list