[OpenSIPS-Users] Opensips 3.0 + Letsencrypt + TLS issues

[HS]

Dear all.

Been trying to make TLS work for our setup. With the following
configuration:

loadmodule "tls_mgm.so"
modparam("tls_mgm", "server_domain", "ourdomain.com")
modparam("tls_mgm","verify_cert", "[ourdomain.com]0")
modparam("tls_mgm","require_cert", "[ourdomain.com]0")
modparam("tls_mgm","tls_method", "[ourdomain.com]TLSv1")
modparam("tls_mgm", "certificate", "[ourdomain.com
]/etc/opensips/tls/tls_cnf/fullchain.pem")
modparam("tls_mgm", "private_key", "[ourdomain.com
]/etc/opensips/tls/tls_cnf/privkey.pem")

Things work fine if I use the default/testing file path (rootCA), however,
when I change to using the private key from letsencrypt I get the following
error:

Sep 21 10:39:50 ip-172-31-27-223 /usr/sbin/opensips[3240]:
ERROR:tls_mgm:load_private_key: unable to load private key file
'/etc/opensips/tls/tls_cnf/privkey.pem'. #012Retry (0 left) (check password
case)
Sep 21 10:39:50 ip-172-31-27-223 /usr/sbin/opensips[3240]:
ERROR:tls_mgm:load_private_key: unable to load private key file
'/etc/opensips/tls/tls_cnf/privkey.pem'
Sep 21 10:39:50 ip-172-31-27-223 /usr/sbin/opensips[3240]:
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'ourdomain.com'
Sep 21 10:39:50 ip-172-31-27-223 /usr/sbin/opensips[3240]:
ERROR:core:init_mod: failed to initialize module tls_mgm

I have tried removing the password (
https://github.com/OpenSIPS/opensips/issues/987), but letsencrypt keys
don't have a password - it didn't work.

Any thoughts please?

Many thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20210921/540258c0/attachment-0001.html>