[OpenSIPS-Users] WSS Client did not present a TLS certificate

Sebastian Sastre sastre.sebastian at gmail.com
Tue Jan 19 16:36:46 CET 2016


Bodgan,

Thanks . Yes that one wasn’t an error but i had the wrong private key
configured and the socket was disconnecting so i was able to generate new
certs and it worked fine. I got some help from IRC.
I still see the notice but the socket stays up and i can register.

Right now i have the signaling working perfect, but i have no audio either
way. Im trying to figure out why rtpengine is not working correctly.

Thanks again




On Tue, Jan 19, 2016 at 5:21 AM, Bogdan-Andrei Iancu <bogdan at opensips.org>
wrote:

> Hi Sebastian,
>
> That message is just an INFO (not an error) - you say TLS handshake fails
> on opensips side as it expects a certificate from the end point ?
>
> Regards,
>
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developerhttp://www.opensips-solutions.com
>
> On 18.01.2016 06:32, Sebastian Sastre wrote:
>
> I’ve been trying to setup WSS using 2.2 latest branch.
>
> When trying to open the web socket i get “ Client did not present a TLS
> certificate” . Im using the included default ssl certs for the server to
> avoid mistakes . What certificate is the user supposed to present?
>
> I tried using sip.js and jssip to connect without any luck. i also tried
> disabling cert requirement but didn’t work.
>
> —— Config ——-
>
> listen=wss:123.456.789.987:5060
> listen=tls:123.456.789.987:5061
> listen=wss:123.456.789.987:443
>
> load module "proto_udp.so"
> load module “proto_tls.so”
> loadmodule "proto_wss.so"
>
> loadmodule "tls_mgm.so"
> modparam("tls_mgm", "certificate", "/etc/opensips/tls/rootCA/cacert.pem")
>
> modparam("tls_mgm", "private_key",
> "/etc/opensips/tls/rootCA/private/cakey.pem")
> modparam("tls_mgm", "ca_list", "/etc/opensips/tls/rootCA/cacert.pem")
>
> modparam("tls_mgm", "ca_dir", "/etc/opensips/tls/rootCA/")
> modparam("tls_mgm", "require_cert", "0")
> modparam(“tls_mgm", "verify_cert", "0")
>
>
> ——- Logs ——-
> /sbin/opensips[12468]: INFO:core:probe_max_sock_buff: using snd buffer of
> 416 kb
> /sbin/opensips[12468]: INFO:core:init_sock_keepalive: TCP keepalive
> enabled on socket 37
> /sbin/opensips[12460]: INFO:proto_wss:ls_accept: New TLS connection from
> xx.xx.xx.xx:50815 accepted
> /sbin/opensips[12460]: INFO:proto_wss:tls_accept: Client did not present
> a TLS certificate
> /sbin/opensips[12460]: INFO:proto_wss:ls_dump_cert_info: tls_accept:
> local TLS server certificate subject: /CN=OpenSIPS/ST=
> <http://opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org>
> opensips.org/C=IP/emailAddress=team at opensips.org/O=opensips.org, issuer:
> /CN=OpenSIPS/ST=
> opensips.org/C=IP/emailAddress=team at opensips.org/O=opensips.org
>
>
> Thanks !
>
>
>
> _______________________________________________
> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20160119/96893441/attachment.htm>


More information about the Users mailing list