[OpenSIPS-Users] Problems with Teams
Răzvan Crainea
razvan at opensips.org
Thu Nov 14 09:02:22 UTC 2024
You need to have Microsoft's Certificates in the fullchain.crt file.
Best regards,
Răzvan Crainea
OpenSIPS Core Developer / SIPhub CTO
http://www.opensips-solutions.com / https://www.siphub.com
On 11/1/24 10:26 PM, Daniel Cogo De Vargas wrote:
> Hi.
>
> Thank you for answer Razvan.
>
> I used the files fullchain.crt, simple.key and gd_bundle.crt. Is the
> referenced file another?
>
> Example in opensips.cfg:
> modparam("tls_mgm","certificate",
> "[default]/etc/opensips/tls/user-cert/fullchain.crt")
> modparam("tls_mgm","private_key",
> "[default]/etc/opensips/tls/user-cert/simple.key")
> modparam("tls_mgm","ca_list",
> "[default]/etc/opensips/tls/user-cert/gd_bundle.crt")
>
> Best Regards,
> Daniel Cogo
>
> Em qua., 30 de out. de 2024 às 04:58, Răzvan Crainea <razvan at opensips.org>
> escreveu:
>
>> Hi, Daniel!
>>
>> It seems you are missing the some certificates in the trust chanin, most
>> likely the Root CA of Microsoft Azure RSA TLS. Make sure you have the
>> entire chain in your CA list.
>>
>> Best regards,
>>
>> Răzvan Crainea
>> OpenSIPS Core Developer / SIPhub CTO
>> http://www.opensips-solutions.com / https://www.siphub.com
>>
>> On 10/29/24 6:02 PM, Daniel Cogo De Vargas wrote:
>>> Hi Everyone,
>>>
>>> I have problem with Opensips 3.2 and MS Teams.
>>>
>>> I´m used the certify and private key generated from Go Daddy.
>>>
>>> I´m check the files and are OK. The extensions SIP register with TLS mode
>>> and make call. But when I try receive a call from MS Teams show the
>> message
>>> error:
>>>
>>> NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
>>> NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
>>> NOTICE:tls_wolfssl:verify_callback: subject =
>>> /C=US/ST=WA/L=Redmond/O=Microsoft Corporation/CN=
>> sip.pstnhub.microsoft.com
>>> NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
>>> Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
>>> NOTICE:tls_wolfssl:verify_callback: verify error: certificate verify
>> failed
>>> [error=-188]
>>> ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
>>> 52.114.132.46:25236 failed to accept
>>> ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
>> certificate
>>> verify failed
>>> ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
>>>
>>> Can you help me with this log?
>>>
>>> Best Regards,
>>> Daniel Cogo
>>>
>>>
>>> Hi Everyone,
>>>
>>> I have problem with Opensips 3.2 and MS Teams.
>>>
>>> I´m used the certify and private key generated from Go Daddy.
>>>
>>> I´m check the files and are OK. The extensions SIP register with TLS
>>> mode and make call. But when I try receive a call from MS Teams show the
>>> message error:
>>>
>>> NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
>>> NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
>>> NOTICE:tls_wolfssl:verify_callback: subject = /C=US/ST=WA/L=Redmond/
>>> O=Microsoft Corporation/CN=sip.pstnhub.microsoft.com <http://
>>> sip.pstnhub.microsoft.com/>
>>> NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
>>> Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
>>> NOTICE:tls_wolfssl:verify_callback: verify error: certificate verify
>>> failed [error=-188]
>>> ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
>>> 52.114.132.46:25236 <http://52.114.132.46:25236/> failed to accept
>>> ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
>>> certificate verify failed
>>> ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
>>>
>>> Can you help me with this log?
>>>
>>> Best Regards,
>>> Daniel Cogo
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>> Hi.
>>
>> Thank you for answer Razvan.
>>
>> I used the files fullchain.crt, simple.key and gd_bundle.crt. Is the
>> referenced file another?
>>
>> Example in opensips.cfg:
>> modparam("tls_mgm","certificate", "[default]/etc/opensips/tls/user-
>> cert/fullchain.crt")
>> modparam("tls_mgm","private_key", "[default]/etc/opensips/tls/user-
>> cert/simple.key")
>> modparam("tls_mgm","ca_list", "[default]/etc/opensips/tls/user-cert/
>> gd_bundle.crt")
>>
>> Best Regards,
>> Daniel Cogo
>>
>> Em qua., 30 de out. de 2024 às 04:58, Răzvan Crainea
>> <razvan at opensips.org <mailto:razvan at opensips.org>> escreveu:
>>
>> Hi, Daniel!
>>
>> It seems you are missing the some certificates in the trust
>> chanin, most
>> likely the Root CA of Microsoft Azure RSA TLS. Make sure you have the
>> entire chain in your CA list.
>>
>> Best regards,
>>
>> Răzvan Crainea
>> OpenSIPS Core Developer / SIPhub CTO
>> http://www.opensips-solutions.com <http://www.opensips-
>> solutions.com> / https://www.siphub.com <https://www.siphub.com>
>>
>> On 10/29/24 6:02 PM, Daniel Cogo De Vargas wrote:
>> > Hi Everyone,
>> >
>> > I have problem with Opensips 3.2 and MS Teams.
>> >
>> > I´m used the certify and private key generated from Go Daddy.
>> >
>> > I´m check the files and are OK. The extensions SIP register with
>> TLS mode
>> > and make call. But when I try receive a call from MS Teams show
>> the message
>> > error:
>> >
>> > NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
>> > NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
>> > NOTICE:tls_wolfssl:verify_callback: subject =
>> > /C=US/ST=WA/L=Redmond/O=Microsoft Corporation/
>> CN=sip.pstnhub.microsoft.com <http://sip.pstnhub.microsoft.com>
>> > NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
>> > Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
>> > NOTICE:tls_wolfssl:verify_callback: verify error: certificate
>> verify failed
>> > [error=-188]
>> > ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
>> > 52.114.132.46:25236 <http://52.114.132.46:25236> failed to accept
>> > ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
>> certificate
>> > verify failed
>> > ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
>> >
>> > Can you help me with this log?
>> >
>> > Best Regards,
>> > Daniel Cogo
>> >
>> >
>> > Hi Everyone,
>> >
>> > I have problem with Opensips 3.2 and MS Teams.
>> >
>> > I´m used the certify and private key generated from Go Daddy.
>> >
>> > I´m check the files and are OK. The extensions SIP register with
>> TLS
>> > mode and make call. But when I try receive a call from MS Teams
>> show the
>> > message error:
>> >
>> > NOTICE:tls_wolfssl:verify_callback: depth = 1, verify success
>> > NOTICE:tls_wolfssl:verify_callback: depth = 0, verify failure
>> > NOTICE:tls_wolfssl:verify_callback: subject = /C=US/ST=WA/
>> L=Redmond/
>> > O=Microsoft Corporation/CN=sip.pstnhub.microsoft.com <http://
>> sip.pstnhub.microsoft.com> <http://
>> > sip.pstnhub.microsoft.com/ <http://sip.pstnhub.microsoft.com/>>
>> > NOTICE:tls_wolfssl:verify_callback: issuer = /C=US/O=Microsoft
>> > Corporation/CN=Microsoft Azure RSA TLS Issuing CA 03
>> > NOTICE:tls_wolfssl:verify_callback: verify error: certificate
>> verify
>> > failed [error=-188]
>> > ERROR:tls_wolfssl:_wolfssl_tls_accept: New TLS connection from
>> > 52.114.132.46:25236 <http://52.114.132.46:25236>
>> <http://52.114.132.46:25236/ <http://52.114.132.46:25236/>> failed
>> to accept
>> > ERROR:tls_wolfssl:_wolfssl_tls_accept: TLS accept error: -188,
>> > certificate verify failed
>> > ERROR:proto_tls:tls_read_req: failed to do pre-tls handshake!
>> >
>> > Can you help me with this log?
>> >
>> > Best Regards,
>> > Daniel Cogo
>> >
>> > _______________________________________________
>> > Users mailing list
>> > Users at lists.opensips.org <mailto:Users at lists.opensips.org>
>> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> <http://lists.opensips.org/cgi-bin/mailman/listinfo/users>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org <mailto:Users at lists.opensips.org>
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users <http://
>> lists.opensips.org/cgi-bin/mailman/listinfo/users>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list