[OpenSIPS-Users] TLS - Private Key fails

Bogdan-Andrei Iancu bogdan at opensips.org
Wed Mar 20 14:01:59 UTC 2024 

Hi,

I see the root problem is OpenSIPS failing to load the private key file 
- I see some log about password case. So, when you generated the key, 
have you set a password for it?

Regards

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   https://www.opensips-solutions.com
   https://www.siphub.com

On 15.03.2024 19:35, Rodrigo R Passos wrote:
>
> Hi everyone,
>
>
> I'm trying to start opensips with a certificate generated by 
> opensips-cli, like a tutorial. I have the following results keys after 
> completing the command.
>
> INFO: user certificate created in /etc/opensips/tls/user/wss-cert.pem
>
> INFO: user private key created in /etc/opensips/tls/user/wss-privkey.pem
>
> INFO: user CA list (chain of trust) created in 
> /etc/opensips/tls/user/wss-calist.pem
>
>
> This is my configuration, in opensips.cfg:
>
> modparam("tls_mgm", "server_domain", "wss")
> modparam("tls_mgm", "match_ip_address","[wss]10.0.0.114:5443 
> <http://10.0.0.114:5443>")
> modparam("tls_mgm", "ca_dir", "[wss]/etc/opensips/tls/rootCA/certs")
> modparam("tls_mgm", "ca_list", 
> "[wss]/etc/opensips/tls/user/wss-calist.pem")
> modparam("tls_mgm", 
> "certificate","[wss]/etc/opensips/tls/user/wss-cert.pem")
> modparam("tls_mgm", 
> "private_key","[wss]/etc/opensips/tls/user/wss-privkey.pem")
> modparam("tls_mgm", "verify_cert", "[wss]0")
> modparam("tls_mgm", "require_cert", "[wss]0")
> modparam("tls_mgm", "ciphers_list", "[wss]NULL")
> modparam("tls_mgm", "tls_method", "[wss]TLSv1")
>
>
> So, when I start opensips, the log shows information saying the 
> private key doesn't match with the public key. Follow the log:
>
>
> Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845] 
> ERROR:tls_openssl:load_private_key: unable to load private key file 
> '/etc/opensips/tls/user/wss-privkey.pem'.
>
> Mar 15 14:27:14 esbc01 opensips[80845]: Retry (2 left) (check password 
> case)
>
> Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845] 
> ERROR:tls_openssl:load_private_key: key 
> '/etc/opensips/tls/user/wss-privkey.pem' does not match the public key 
> of the certificate
>
> Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845] 
> ERROR:tls_mgm:init_tls_domains: Failed to init TLS domain 'wss'
>
> Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845] 
> ERROR:core:init_mod: failed to initialize module tls_mgm
>
> Mar 15 14:27:14 esbc01 opensips[80845]: Mar 15 14:27:14 [80845] 
> ERROR:core:main: error while initializing modules
>
> All procedures to create my own certificate follow the tutorial.
>
>
> Anyone know what is happening or have any problems like me?
>
>
> BR
>
>
> RP
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20240320/e0ec9930/attachment.html>

More information about the Users mailing list