<p dir="ltr">Well, I&#39;m trying to connect my server to that specific SIP client, and wondering if the cause of the error is SSL version 2 being disabled.  Once I&#39;ve found the cause of the error I can try to make my own application more secure. </p>
<div class="gmail_quote">On 24 Jun 2015 02:58, &quot;Babil (Golam Sarwar)&quot; &lt;<a href="mailto:gsbabil@gmail.com">gsbabil@gmail.com</a>&gt; wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">SSL version 2.0 has some serious flaws including undetectable downgrade<br>
attacks [0], rendering the SSL protection worthless, and strictly not<br>
recommended for production environments. Are you sure you want this for<br>
your users?<br>
<br>
[0]<br>
<a href="http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0.2C_2.0_and_3.0" rel="noreferrer" target="_blank">http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0.2C_2.0_and_3.0</a><br>
<br>
<br>
On 23/06/2015 6:45 PM, Nabeel wrote:<br>
&gt; How can I enable SSL version 2 on OpenSIPS?<br>
&gt;<br>
&gt; On 23 Jun 2015 21:59, &quot;Nabeel&quot; &lt;<a href="mailto:nabeelshikder@gmail.com">nabeelshikder@gmail.com</a><br>
&gt; &lt;mailto:<a href="mailto:nabeelshikder@gmail.com">nabeelshikder@gmail.com</a>&gt;&gt; wrote:<br>
&gt;<br>
&gt;     This is the full log.... is it using SSL version 2 which is disabled<br>
&gt;     in OpenSIPs?<br>
&gt;     In particular, this part:<br>
&gt;<br>
&gt;      &quot;SIP/2.0 500 Server error occurred (7/TM)<br>
&gt;         Via: SIP/2.0/TLS&quot;<br>
&gt;<br>
&gt;     06-23 21:45:39.790  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Initializing SSLContext for first use<br>
&gt;     06-23 21:45:39.841  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Adding the customKeyStore to trust<br>
&gt;     manager for SSLContext<br>
&gt;     06-23 21:45:39.944  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Connecting socket to 87.xx.xxx.42, port 5061<br>
&gt;     06-23 21:45:39.945  14512-21632/com.domain I/System.out﹕<br>
&gt;     [socket][145] connection /87.xx.xxx.42:5061;LocalPort=41942(10000)<br>
&gt;     06-23 21:45:39.946  14512-21632/com.domain I/System.out﹕<br>
&gt;     [CDS]connect[/87.xx.xxx.42:5061] tm:10<br>
&gt;     06-23 21:45:40.088  14512-21632/com.domain I/System.out﹕<br>
&gt;     [socket][/<a href="http://192.168.0.11:41942" rel="noreferrer" target="_blank">192.168.0.11:41942</a> &lt;<a href="http://192.168.0.11:41942" rel="noreferrer" target="_blank">http://192.168.0.11:41942</a>&gt;] connected<br>
&gt;     06-23 21:45:40.092  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Local address is: /<a href="http://192.168.0.11:41942" rel="noreferrer" target="_blank">192.168.0.11:41942</a><br>
&gt;     &lt;<a href="http://192.168.0.11:41942" rel="noreferrer" target="_blank">http://192.168.0.11:41942</a>&gt;<br>
&gt;     06-23 21:45:40.094  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Starting SSL handshake<br>
&gt;     06-23 21:45:40.155  14512-21632/com.domain E/NativeCrypto﹕<br>
&gt;     ssl=0x55751d88 cert_verify_callback x509_store_ctx=0x56f378b8 arg=0x0<br>
&gt;     06-23 21:45:40.155  14512-21632/com.domain E/NativeCrypto﹕<br>
&gt;     ssl=0x55751d88 cert_verify_callback calling verifyCertificateChain<br>
&gt;     authMethod=RSA<br>
&gt;     06-23 21:45:40.199  14512-14512/com.domain I/SipUA:﹕<br>
&gt;     android.net.wifi.SCAN_RESULTS<br>
&gt;     06-23 21:45:40.316  14512-21632/com.domain I/AppendingTrustManager﹕<br>
&gt;     Trusting a server certificate based on local trust store<br>
&gt;     06-23 21:45:40.357  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Getting SSL session<br>
&gt;     06-23 21:45:40.357  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Checking SSL session validity<br>
&gt;     06-23 21:45:40.358  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ Secure connection established<br>
&gt;     06-23 21:45:40.361  14512-21632/com.domain<br>
&gt;     I/org.zoolu.net.TcpSocket﹕ TcpSocket now ready<br>
&gt;     06-23 21:45:40.374  14512-21632/com.domain I/AndroidTimer﹕ created<br>
&gt;     an AndroidTimer for 840000 MILLISECONDS, id =<br>
&gt;     siptimer:f7b935cc-dd7c-477a-b1cd-1818beec08c2<br>
&gt;     06-23 21:45:40.375  14512-21632/com.domain I/IntegratedSipProvider﹕<br>
&gt;     connection tcp: opened<br>
&gt;     06-23 21:45:40.376  14512-21632/com.domain I/IntegratedSipProvider﹕<br>
&gt;     active connenctions:<br>
&gt;     06-23 21:45:40.377  14512-21632/com.domain I/IntegratedSipProvider﹕<br>
&gt;     conn-id=tls:87.xx.xxx.42:5061: tcp:<br>
&gt;     06-23 21:45:40.378  14512-21632/com.domain I/IntegratedSipProvider﹕<br>
&gt;     sending data through conn tcp:<br>
&gt;     06-23 21:45:40.412  14512-21631/com.domain I/System.out﹕<br>
&gt;     [CDS]close[34412]<br>
&gt;     06-23 21:45:40.413  14512-21631/com.domain I/System.out﹕ close<br>
&gt;     [socket][/<a href="http://0.0.0.0:34412" rel="noreferrer" target="_blank">0.0.0.0:34412</a> &lt;<a href="http://0.0.0.0:34412" rel="noreferrer" target="_blank">http://0.0.0.0:34412</a>&gt;]<br>
&gt;     06-23 21:45:40.570  14512-21641/com.domain I/AndroidTimer﹕ created<br>
&gt;     an AndroidTimer for 840000 MILLISECONDS, id =<br>
&gt;     siptimer:e730036d-5a22-4666-9de6-e1a1ec6fb517<br>
&gt;     06-23 21:45:40.573  14512-21641/com.domain I/IntegratedSipProvider﹕<br>
&gt;     message:<br>
&gt;         SIP/2.0 500 Server error occurred (7/TM)<br>
&gt;         Via: SIP/2.0/TLS<br>
&gt;     192.168.0.11:49068;received=192.168.0.11;rport=41942;branch=z9hG4bK71382<br>
&gt;<br>
&gt;<br>
&gt;<br>
&gt; _______________________________________________<br>
&gt; Users mailing list<br>
&gt; <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
&gt; <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
&gt;<br>
<br>
--<br>
Regards,<br>
Babil (Golam Sarwar)<br>
<br>
PGP Key Fingerprint : D3A1 EED0 5BA0 72D3 A011 75CB 8EA6 7D99 F433 E92D<br>
PGP Key Download URL: <a href="http://bit.ly/gsbabil-pgp-key" rel="noreferrer" target="_blank">http://bit.ly/gsbabil-pgp-key</a><br>
<br>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div>