<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <tt>Usually between 7 - 14 days, with the occasional exceptions.</tt><br>
    <pre class="moz-signature" cols="72">Liviu Chircu
OpenSIPS Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
    <div class="moz-cite-prefix">On 28.07.2015 16:42, Rodrigo Pimenta
      Carvalho wrote:<br>
    </div>
    <blockquote cite="mid:1438090965551.13708@inatel.br" type="cite">
      <meta http-equiv="Content-Type" content="text/html;
        charset=windows-1252">
      <style type="text/css" style="display:none"><!--P{margin-top:0;margin-bottom:0;} p
        {margin-top:0;
        margin-bottom:0}p
        {margin-top:0;
        margin-bottom:0}--></style>
      <p>Hi Liviu.</p>
      <p><br>
      </p>
      <p>I have just investigated a bit more about the issue.</p>
      <p><br>
      </p>
      <p>The problem is related to the creation of the files (following
        the tutorial on page
        <a moz-do-not-send="true"
          href="http://www.opensips.org/Documentation/Tutorials-TLS-2-1">http://www.opensips.org/Documentation/Tutorials-TLS-2-1).</a> There
        is no problem to read the files (read CAKey or cert files)</p>
      <p>I have concluded it because I replaced the OpenSIPS certificate
        files by others that I had generated in 2014 using another
        tutorial.</p>
      <p><br>
      </p>
      <p>Ok. I will <font face="monospace"><font face="monospace">open
            a GitHub ticket</font></font> now.</p>
      <p><br>
      </p>
      <p>We are working in a project that will have to use OpenSIPS 2.2.
        Do you know, in an average, how long does it take to have a new
        ticket solved and closed?
        <br>
      </p>
      <p><br>
      </p>
      <p>Thank you very much for pointing the way of opening a Github
        ticket!</p>
      <p><br>
      </p>
      <div id="Signature">
        <div name="divtagdefaultwrapper"
          style="font-family:Calibri,Arial,Helvetica,sans-serif;
          font-size:; margin:0">
          <div class="BodyFragment"><font size="2">
              <div class="PlainText">RODRIGO PIMENTA CARVALHO<br>
                Inatel Competence Center<br>
                Software<br>
                Ph: +55 35 3471 9200 RAMAL 979<br>
              </div>
            </font></div>
        </div>
      </div>
      <div style="color: rgb(33, 33, 33);">
        <hr tabindex="-1" style="display:inline-block; width:98%">
        <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
            color="#000000" face="Calibri, sans-serif"><b>De:</b>
            <a class="moz-txt-link-abbreviated" href="mailto:users-bounces@lists.opensips.org">users-bounces@lists.opensips.org</a>
            <a class="moz-txt-link-rfc2396E" href="mailto:users-bounces@lists.opensips.org">&lt;users-bounces@lists.opensips.org&gt;</a> em nome de Liviu
            Chircu <a class="moz-txt-link-rfc2396E" href="mailto:liviu@opensips.org">&lt;liviu@opensips.org&gt;</a><br>
            <b>Enviado:</b> terça-feira, 28 de julho de 2015 10:30<br>
            <b>Para:</b> <a class="moz-txt-link-abbreviated" href="mailto:users@lists.opensips.org">users@lists.opensips.org</a><br>
            <b>Assunto:</b> Re: [OpenSIPS-Users] Unable to load my
            private key file (TLS) in OpenSIPS 2.2. What should I check?
            Default example worked.</font>
          <div> </div>
        </div>
        <div><tt>Hi Rodrigo,<br>
            <br>
            It's just a web portal, you can find it here [1]. Register a
            new account, open a new issue, describe/explain it as best
            as you can, and we'll do our best to have it fixed and
            buried! Many thanks!<br>
            <br>
            [1]: <a moz-do-not-send="true"
              class="moz-txt-link-freetext"
href="https://github.com/OpenSIPS/opensips/issues?q=is%3Aopen+is%3Aissue+label%3Abug">https://github.com/OpenSIPS/opensips/issues?q=is%3Aopen+is%3Aissue+label%3Abug</a><br>
            <br>
            Best regards,<br>
          </tt>
          <pre class="moz-signature" cols="72">Liviu Chircu
OpenSIPS Developer
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
          <div class="moz-cite-prefix">On 28.07.2015 15:56, Rodrigo
            Pimenta Carvalho wrote:<br>
          </div>
          <blockquote type="cite">
            <style type="text/css" style="">
<!--
p
        {margin-top:0;
        margin-bottom:0}
-->
</style>
            <p>Hi Liviu.</p>
            <p><br>
            </p>
            <p>Your hint has worked.</p>
            <p>So, could you send me the instructions on how to <font
                face="monospace"><font face="monospace">open a GitHub
                  ticket</font></font>? I still don't know how to open
              this, because I'm new on Git.</p>
            <p>While you send me the instructions, I will try to use old
              certificate files that I have since 2014, just to see if
              the issue is about reading or creating the files via
              OpenSIPS.<br>
            </p>
            <p><br>
            </p>
            <p>Many thanks. <br>
            </p>
            <p><br>
            </p>
            <div id="Signature">
              <div name="divtagdefaultwrapper"
                style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:; margin:0">
                <div class="BodyFragment"><font size="2">
                    <div class="PlainText">RODRIGO PIMENTA CARVALHO<br>
                      Inatel Competence Center<br>
                      Software<br>
                      Ph: +55 35 3471 9200 RAMAL 979<br>
                    </div>
                  </font></div>
              </div>
            </div>
            <div style="color:rgb(33,33,33)">
              <hr tabindex="-1" style="display:inline-block; width:98%">
              <div id="divRplyFwdMsg" dir="ltr"><font
                  style="font-size:11pt" color="#000000" face="Calibri,
                  sans-serif"><b>De:</b>
                  <a moz-do-not-send="true"
                    class="moz-txt-link-abbreviated"
                    href="mailto:users-bounces@lists.opensips.org">
                    users-bounces@lists.opensips.org</a> <a
                    moz-do-not-send="true" class="moz-txt-link-rfc2396E"
                    href="mailto:users-bounces@lists.opensips.org">
                    &lt;users-bounces@lists.opensips.org&gt;</a> em nome
                  de Liviu Chircu <a moz-do-not-send="true"
                    class="moz-txt-link-rfc2396E"
                    href="mailto:liviu@opensips.org">
                    &lt;liviu@opensips.org&gt;</a><br>
                  <b>Enviado:</b> terça-feira, 28 de julho de 2015 02:54<br>
                  <b>Para:</b> <a moz-do-not-send="true"
                    class="moz-txt-link-abbreviated"
                    href="mailto:users@lists.opensips.org">
                    users@lists.opensips.org</a><br>
                  <b>Assunto:</b> Re: [OpenSIPS-Users] Unable to load my
                  private key file (TLS) in OpenSIPS 2.2. What should I
                  check? Default example worked.</font>
                <div> </div>
              </div>
              <div><font face="monospace">Hi Rodrigo,<br>
                  <br>
                  Could you try to decrypt the key manually (i.e. remove
                  the passphrase), and use the resulting key in
                  OpenSIPS? You can use the following example:</font><br>
                <br>
                <pre style="overflow:auto; font-family:Menlo,Monaco,Consolas,'Courier New',monospace; font-size:13px; display:block; padding:9.5px; margin:0px 0px 10px; line-height:1.42857143; word-break:break-all; word-wrap:break-word; color:rgb(51,51,51); border:1px solid rgb(204,204,204); font-style:normal; font-variant:normal; font-weight:normal; letter-spacing:normal; orphans:auto; text-align:start; text-indent:0px; text-transform:none; widows:1; word-spacing:0px; background-color:rgb(245,245,245)"><font face="monospace">cp your_key </font><font face="monospace"><font face="monospace">your_key.bak</font></font>
openssl rsa -in <font face="monospace">your_key</font> -out new_key</pre>
                <font face="monospace"><font face="monospace">If this
                    works for you, could you please open a GitHub
                    ticket? Many thanks!<br>
                    <br>
                  </font>Best regards,<br>
                </font>
                <pre class="moz-signature" cols="72">Liviu Chircu
OpenSIPS Developer
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
                <div class="moz-cite-prefix">On 28.07.2015 00:34,
                  Rodrigo Pimenta Carvalho wrote:<br>
                </div>
                <blockquote type="cite">
                  <style type="text/css" style="">
<!--
p
        {margin-top:0;
        margin-bottom:0}
-->
</style>
                  <p>Hi.</p>
                  <p><br>
                  </p>
                  <p>1 - I have read and followed all the instructions
                    on page <a moz-do-not-send="true"
                      href="http://www.opensips.org/Documentation/Tutorials-TLS-2-1">
http://www.opensips.org/Documentation/Tutorials-TLS-2-1</a> . It is
                    about how to set up TLS in OpenSIPS 2.1.
                    Good tutorial for beginners. But, there is no
                    tutorial for it in version 2.2</p>
                  <p>2 - I have read all the instructions from page <a
                      moz-do-not-send="true"
                      href="http://www.opensips.org/html/docs/modules/2.2.x/proto_tls.html">
http://www.opensips.org/html/docs/modules/2.2.x/proto_tls.html</a> .
                    This is the OpenSIPS TLS Module Guide.</p>
                  <p><br>
                  </p>
                  <p>3 - Considering all instructions I have learnt
                    today, I wrote the following configuration:</p>
                  <p><br>
                  </p>
                  <p>----------------------------------------------------------------------------------------------------------------------------------------------------------------</p>
                  <p><br>
                  </p>
                  <p>loadmodule "proto_tls.so"<br>
                    <br>
                    modparam("proto_tls","verify_cert", "1")<br>
                    modparam("proto_tls","require_cert",
                    "0")                                   <br>
                    modparam("proto_tls","tls_method", "tlsv1")  <br>
                    <br>
                    #modparam("proto_tls","certificate",
                    "/usr/local/opensips_proxy/etc/opensips/tls/user/user-cert.pem")    
                               # This line was generated automatically,
                    after using the make menuconfig. It works very well.<br>
                    #modparam("proto_tls","private_key",
                    "/usr/local/opensips_proxy/etc/opensips/tls/user/user-privkey.pem") 
                         # This line was generated automatically, after
                    using the make menuconfig. It works very well.<br>
                    #modparam("proto_tls","ca_list",
                    "/usr/local/opensips_proxy/etc/opensips/tls/user/user-calist.pem")                  
                    # This line was generated automatically, after using
                    the make menuconfig. It works very well.   
                    <br>
                    <br>
                    <br>
                     modparam("proto_tls", "certificate",
                    "/home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/cacert.pem")           
                                    # I want to use the files generated
                    by me, following the tutorial on how to set up TLS.
                    No problem here.<br>
                     modparam("proto_tls", "private_key",
                    "/home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/private/cakey.pem")   
                            # File also generated by me, following the
                    tutorial. ERROR here.  What is the problem??<br>
                     modparam("proto_tls", "ca_list",
                    "/home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/cacert.pem")                                 
                    # I want to use the files generated by me, following
                    the tutorial on how to set up TLS. No problem here.
                          
                    <br>
                     modparam("proto_tls", "ca_dir",
                    "/home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/")                           
                                              # I want to use the files
                    generated by me, following the tutorial on how to
                    set up TLS. No problem here.</p>
                  <p><br>
                  </p>
                  <p>----------------------------------------------------------------------------------------------------------------------------------------------------------------</p>
                  <p><br>
                  </p>
                  <p>4. All paths I'm using in such configuration are
                    real and correct.</p>
                  <p><br>
                  </p>
                  <p>5. When I try to run the OpenSIPS, I always got the
                    erro:</p>
                  <p><br>
                  </p>
                  <p><span style="color:rgb(0,111,201)"><span
                        style="color:rgb(0,111,201)"><span
                          style="color:rgb(0,111,201)">Jul 27 18:02:02
                          [13783] WARNING:proto_tls:mod_init: disabling
                          compression due ZLIB problems</span></span></span></p>
                  <p><span style="color:rgb(255,0,0)">...</span></p>
                  <p><span style="color:rgb(255,0,0)">...</span></p>
                  <p><span style="color:rgb(255,0,0)">Enter passphrase
                      for
                      /home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/private/cakey.pem:</span><br
                      style="color:rgb(255,0,0)">
                    <span style="color:rgb(255,0,0)">Jul 27 18:02:02
                      [13783] ERROR:proto_tls:load_private_key: unable
                      to load private key file
                      '/home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/private/cakey.pem'.</span></p>
                  <p><br>
                  </p>
                  <p>So, the file cakey.pem cann't be loaded. But, I'm
                    running the OpenSIPS as a superuser.<br>
                  </p>
                  <p><br>
                  </p>
                  <p><br>
                  </p>
                  <p>What should I check in my files to verify whether 
                    I have made some mistake?</p>
                  <p>To follow the tutorial for version 2.1 and to use
                    the version 2.2 can cause troubles? I tutorial I see
                    "TLSv1" and in the module guide I see "tlsv1". Is
                    the script case sensitive?<br>
                  </p>
                  <p><br>
                  </p>
                  <p>The issued file is: -rw------- 1 root root 1834 Jul
                    24 14:54
                    /home/pimenta/SISC/TLS/tls_cnf/tls/rootCA/private/cakey.pem.
                    Can it be owned by root user, or must be another
                    one?</p>
                  <p><br>
                  </p>
                  <p>I have just googled this case and I found same
                    problem for people who was using wrong key file,
                    which I think is not my case.<br>
                  </p>
                  <p><br>
                  </p>
                  <p>Any hint will be very helpful!<br>
                  </p>
                  <p><br>
                  </p>
                  <p>Thanks a lot!<br>
                  </p>
                  <p><br>
                  </p>
                  <p><br>
                  </p>
                  <div id="Signature">
                    <div name="divtagdefaultwrapper"
                      style="font-family:Calibri,Arial,Helvetica,sans-serif;
                      font-size:; margin:0">
                      <div class="BodyFragment"><font size="2">
                          <div class="PlainText">RODRIGO PIMENTA
                            CARVALHO<br>
                            Inatel Competence Center<br>
                            Software<br>
                            Ph: +55 35 3471 9200 RAMAL 979<br>
                          </div>
                        </font></div>
                    </div>
                  </div>
                  <br>
                  <fieldset class="mimeAttachmentHeader"></fieldset>
                  <br>
                  <pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
                </blockquote>
                <br>
              </div>
            </div>
            <br>
            <fieldset class="mimeAttachmentHeader"></fieldset>
            <br>
            <pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
          </blockquote>
          <br>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>