[OpenSIPS-Users] TLS - Private Key fails

Rodrigo R Passos rodrigopassos at gmail.com
Fri Mar 15 17:35:34 UTC 2024 

Hi everyone,


I'm trying to start opensips with a certificate generated by opensips-cli,
like a tutorial. I have the following results keys after completing the
command.

INFO: user certificate created in /etc/opensips/tls/user/wss-cert.pem

INFO: user private key created in /etc/opensips/tls/user/wss-privkey.pem

INFO: user CA list (chain of trust) created in
/etc/opensips/tls/user/wss-calist.pem


This is my configuration, in opensips.cfg:

modparam("tls_mgm", "server_domain", "wss")
modparam("tls_mgm", "match_ip_address","[wss]10.0.0.114:5443")
modparam("tls_mgm", "ca_dir", "[wss]/etc/opensips/tls/rootCA/certs")
modparam("tls_mgm", "ca_list", "[wss]/etc/opensips/tls/user/wss-calist.pem")
modparam("tls_mgm",
"certificate","[wss]/etc/opensips/tls/user/wss-cert.pem")
modparam("tls_mgm",
"private_key","[wss]/etc/opensips/tls/user/wss-privkey.pem")
modparam("tls_mgm", "verify_cert", "[wss]0")
modparam("tls_mgm", "require_cert", "[wss]0")
modparam("tls_mgm", "ciphers_list", "[wss]NULL")
modparam("tls_mgm", "tls_method", "[wss]TLSv1")


So, when I start opensips, the log shows information saying the private key
doesn't match with the public key. Follow the log:


Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:tls_openssl:load_private_key: unable to load private key file
'/etc/opensips/tls/user/wss-privkey.pem'.

Mar 15 14:27:14 esbc01 opensips[80845]: Retry (2 left) (check password case)

Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:tls_openssl:load_private_key: key
'/etc/opensips/tls/user/wss-privkey.pem' does not match the public key of
the certificate

Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'wss'

Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:core:init_mod: failed to initialize module tls_mgm

Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845]
ERROR:core:main: error while initializing modules



All procedures to create my own certificate follow the tutorial.


Anyone know what is happening or have any problems like me?


BR


RP
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20240315/2e702093/attachment.html>

More information about the Users mailing list