[OpenSIPS-Users] MS Teams and SBC integration

Thiago Lopes tlopes at unitedworldtelecom.com
Fri Mar 7 21:10:29 UTC 2025


Hi everyone,

I'm trying to integrate Ms Teams and Opensips and I'm having some problems.

I tried to use self signed and Letsencrypt certificates, with no success. I
always receive a ''no TLS client domain found'.

 /usr/sbin/opensips[505412]: ERROR:proto_tls:proto_tls_conn_init: no TLS
client domain found
 /usr/sbin/opensips[505412]: ERROR:core:tcp_conn_create: failed to do proto
3 specific init for conn 0x7f7220f343b0
 /usr/sbin/opensips[505412]: ERROR:core:tcp_async_connect: tcp_conn_create
failed

Here my opensips.cfg:

loadmodule "tls_mgm.so"

/*#first the  server domain */
modparam("tls_mgm", "server_domain", "default")
modparam("tls_mgm", "certificate", "[default]/etc/letsencrypt/live/
sbc.mydomain.com/fullchain.pem")
modparam("tls_mgm", "private_key", "[default]/etc/letsencrypt/live/
sbc.mydomain.com/privkey.pem")
modparam("tls_mgm", "ca_list", "[default]/etc/letsencrypt/live/
sbc.mydomain.com/inter.pem")
modparam("tls_mgm", "match_sip_domain", "[default]sbc.mydomain.com")
modparam("tls_mgm", "verify_cert", "[default]0")
#modparam("tls_mgm", "require_cert", "[default]1")
#modparam("tls_mgm", "ciphers_list", "[default]AES128-SHA256:AES256-SHA")
modparam("tls_mgm", "tls_method", "[default]SSLv23")


 # #and the client domain

modparam("tls_mgm", "client_domain", "client")
modparam("tls_mgm", "certificate", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/fullchain.pem")
modparam("tls_mgm", "private_key", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/privkey.pem")
modparam("tls_mgm", "ca_list", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/inter.pem")
#modparam("tls_mgm", "ca_dir", "[client]/etc/letsencrypt/live/
sbc.mydomain.com/")
modparam("tls_mgm", "match_sip_domain", "[client]sbc.mydomain.com")

modparam("tls_mgm", "verify_cert", "[client]0")
 # modparam("tls_mgm", "require_cert", "[client]1")
 # modparam("tls_mgm", "ciphers_list", "[client]AES128-SHA256:AES256-SHA")
modparam("tls_mgm", "tls_method", "[client]SSLv23")

I also changed the certificates, using self signed in "server domain" only
or "client domain" only. Same result.

Using the openssl the verify the certificates, I receive a OK in console:

fullchain.pem: OK

The inter.pem is the file with the root and intermediate Letsencrypt
certificates.

On the Ms Teams side, I checked the FQDN used, checked the firewall ports
etc.

I followed this tutorial:
https://blog.opensips.org/2019/09/16/opensips-as-ms-teams-sbc/  , so I'm
using the Dynamic Routing module to send the OPTIONS packet. The opensips
start the communication using TLS, I see the packets using TLS in 5061
port, but when Opensips will answer, this message appears on the console
and the connection is closed.

/usr/sbin/opensips[505398]: ERROR:tm:t_uac: attempt to send to 'sip:
sip.pstnhub.microsoft.com' failed
/usr/sbin/opensips[505398]: ERROR:proto_tls:proto_tls_conn_init: no TLS
client domain found
/usr/sbin/opensips[505398]: ERROR:core:tcp_conn_create: failed to do proto
3 specific init for conn 0x7f7220f4df40

What I'm not seeing? Did someone pass through this problem?
Best regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20250307/0f16ae53/attachment.html>


More information about the Users mailing list