[OpenSIPS-Users] TLS - Private Key fails
Rodrigo R Passos
rodrigopassos at gmail.com
Fri Mar 15 17:35:34 UTC 2024
Hi everyone,
I'm trying to start opensips with a certificate generated by opensips-cli,
like a tutorial. I have the following results keys after completing the
command.
INFO: user certificate created in /etc/opensips/tls/user/wss-cert.pem
INFO: user private key created in /etc/opensips/tls/user/wss-privkey.pem
INFO: user CA list (chain of trust) created in
/etc/opensips/tls/user/wss-calist.pem
This is my configuration, in opensips.cfg:
modparam("tls_mgm", "server_domain", "wss")
modparam("tls_mgm", "match_ip_address","[wss]10.0.0.114:5443")
modparam("tls_mgm", "ca_dir", "[wss]/etc/opensips/tls/rootCA/certs")
modparam("tls_mgm", "ca_list", "[wss]/etc/opensips/tls/user/wss-calist.pem")
modparam("tls_mgm",
"certificate","[wss]/etc/opensips/tls/user/wss-cert.pem")
modparam("tls_mgm",
"private_key","[wss]/etc/opensips/tls/user/wss-privkey.pem")
modparam("tls_mgm", "verify_cert", "[wss]0")
modparam("tls_mgm", "require_cert", "[wss]0")
modparam("tls_mgm", "ciphers_list", "[wss]NULL")
modparam("tls_mgm", "tls_method", "[wss]TLSv1")
So, when I start opensips, the log shows information saying the private key
doesn't match with the public key. Follow the log:
Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:tls_openssl:load_private_key: unable to load private key file
'/etc/opensips/tls/user/wss-privkey.pem'.
Mar 15 14:27:14 esbc01 opensips[80845]: Retry (2 left) (check password case)
Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:tls_openssl:load_private_key: key
'/etc/opensips/tls/user/wss-privkey.pem' does not match the public key of
the certificate
Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'wss'
Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:core:init_mod: failed to initialize module tls_mgm
Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:core:main: error while initializing modules
All procedures to create my own certificate follow the tutorial.
Anyone know what is happening or have any problems like me?
BR
RP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20240315/2e702093/attachment.html>
More information about the Users
mailing list