<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<tt>Glad the problem was solved.<br>
<br>
Still, maybe there is place to improve the code to properly
report/log the issue - did you get any indication (in logs) that
actually the key was bogus and the TLS handshake failed ?<br>
<br>
Regards,<br>
</tt>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
<div class="moz-cite-prefix">On 19.01.2016 17:36, Sebastian Sastre
wrote:<br>
</div>
<blockquote
cite="mid:CAB=UX=CjX0ESYZM+qx1iQx39CUnr9q1diYYzD1FtSoTTUb+AVg@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default" style="font-family:tahoma,sans-serif">Bodgan, </div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">Thanks
. Yes that one wasn’t an error but i had the wrong private key
configured and the socket was disconnecting so i was able to
generate new certs and it worked fine. I got some help from
IRC. </div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">I
still see the notice but the socket stays up and i can
register. </div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">Right
now i have the signaling working perfect, but i have no audio
either way. Im trying to figure out why rtpengine is not
working correctly. </div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif">Thanks
again </div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
<div class="gmail_default" style="font-family:tahoma,sans-serif"><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Jan 19, 2016 at 5:21 AM,
Bogdan-Andrei Iancu <span dir="ltr"><<a
moz-do-not-send="true" href="mailto:bogdan@opensips.org"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:bogdan@opensips.org">bogdan@opensips.org</a></a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Hi Sebastian,<br>
<br>
That message is just an INFO (not an error) - you say TLS
handshake fails on opensips side as it expects a
certificate from the end point ?<br>
<br>
Regards,<br>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a moz-do-not-send="true" href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.com</a></pre>
<div>
<div class="h5">
<div>On 18.01.2016 06:32, Sebastian Sastre wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div class="h5">
<div dir="ltr">
<div class="gmail_default">
<div class="gmail_default"><font face="tahoma,
sans-serif">I’ve been trying to setup WSS
using 2.2 latest branch. </font></div>
<div class="gmail_default"><br>
</div>
<div class="gmail_default"><font face="tahoma,
sans-serif">When trying to open the web
socket i get “ Client did not present a TLS
certificate” . Im using the included default
ssl certs for the server to avoid mistakes .
What certificate is the user supposed to
present? </font></div>
<div class="gmail_default"><font face="tahoma,
sans-serif"><br>
</font></div>
<div class="gmail_default"><font face="tahoma,
sans-serif">I tried using sip.js and jssip
to connect without any luck. i also tried
disabling cert requirement but didn’t work. </font></div>
<div style="font-family:tahoma,sans-serif"><br>
</div>
<div style="font-family:tahoma,sans-serif">——
Config ——-</div>
<div style="font-family:tahoma,sans-serif"><br>
</div>
<div style="font-family:tahoma,sans-serif"><span
style="font-family:arial,sans-serif;font-size:13px">listen=</span><a
moz-do-not-send="true"><a class="moz-txt-link-freetext" href="wss:123.456.789.987:5060">wss:123.456.789.987:5060</a></a><br
style="font-family:arial,sans-serif;font-size:13px">
<span
style="font-family:arial,sans-serif;font-size:13px">listen=tls:123.456.789.987:</span><span
style="font-family:arial,sans-serif;font-size:13px">5061</span><br>
</div>
<div style="font-family:tahoma,sans-serif"><span
style="font-family:arial,sans-serif;font-size:13px">listen=</span><a
moz-do-not-send="true"><a class="moz-txt-link-freetext" href="wss:123.456.789.987:443">wss:123.456.789.987:443</a></a><br>
</div>
<div style="font-family:tahoma,sans-serif"><span
style="font-family:arial,sans-serif;font-size:13px"><br>
</span></div>
<div>
<div><font face="tahoma, sans-serif">load
module "proto_udp.so"</font></div>
<div><font face="tahoma, sans-serif">load
module “proto_tls.so”</font></div>
<div><font face="tahoma, sans-serif">loadmodule
"proto_wss.so"</font></div>
</div>
<div style="font-family:tahoma,sans-serif"><br>
</div>
<div>
<div><font face="tahoma, sans-serif">loadmodule
"tls_mgm.so"</font></div>
<div><font face="tahoma, sans-serif">modparam("tls_mgm",
"certificate",
"/etc/opensips/tls/rootCA/cacert.pem")
</font></div>
<div><font face="tahoma, sans-serif">modparam("tls_mgm",
"private_key",
"/etc/opensips/tls/rootCA/private/cakey.pem")
</font></div>
<div><font face="tahoma, sans-serif">modparam("tls_mgm",
"ca_list",
"/etc/opensips/tls/rootCA/cacert.pem")
</font></div>
<div><font face="tahoma, sans-serif">modparam("tls_mgm",
"ca_dir", "/etc/opensips/tls/rootCA/") </font></div>
<div><font face="tahoma, sans-serif">modparam("tls_mgm",
"require_cert", "0") </font></div>
<div><font face="tahoma, sans-serif">modparam(“tls_mgm",
"verify_cert", "0")</font></div>
</div>
<div><font face="tahoma, sans-serif"><br>
</font></div>
<div><font face="tahoma, sans-serif"><br>
</font></div>
<div><font face="tahoma, sans-serif">——-
Logs ——-</font><br>
</div>
<div>
<div class="gmail_default"><span
style="font-family:tahoma,sans-serif">/sbin/opensips[12468]:
<a moz-do-not-send="true">INFO:core:probe_max_sock_buff</a>:
using snd buffer of 416 kb</span><br>
</div>
<div class="gmail_default"><font face="tahoma,
sans-serif">/sbin/opensips[12468]: <a
moz-do-not-send="true"><a class="moz-txt-link-freetext" href="INFO:core:init_sock_keepalive">INFO:core:init_sock_keepalive</a></a>:
TCP keepalive enabled on socket 37</font></div>
<div class="gmail_default"><font face="tahoma,
sans-serif">/sbin/opensips[12460]: <a
moz-do-not-send="true"><a class="moz-txt-link-freetext" href="INFO:proto_wss:ls_accept">INFO:proto_wss:ls_accept</a></a>:
New TLS connection from xx.xx.xx.xx:50815
accepted</font></div>
<div class="gmail_default"><font face="tahoma,
sans-serif">/sbin/opensips[12460]: <a
moz-do-not-send="true"><a class="moz-txt-link-freetext" href="INFO:proto_wss:tls_accept">INFO:proto_wss:tls_accept</a></a>:
Client did not present a TLS certificate</font></div>
<div class="gmail_default"><font face="tahoma,
sans-serif">/sbin/opensips[12460]: <a
moz-do-not-send="true"><a class="moz-txt-link-freetext" href="INFO:proto_wss:ls_dump_cert_info">INFO:proto_wss:ls_dump_cert_info</a></a>:
tls_accept: local TLS server certificate
subject: /CN=OpenSIPS/ST=<a
moz-do-not-send="true"
href="mailto:opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org">opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org</a></a>,
issuer: /CN=OpenSIPS/ST=<a
moz-do-not-send="true"
href="http://opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org">opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org</a></a></font></div>
</div>
<div class="gmail_default"><font face="tahoma,
sans-serif"><br>
</font></div>
<div class="gmail_default"><font face="tahoma,
sans-serif"><br>
</font></div>
<div style="font-family:tahoma,sans-serif">Thanks
! </div>
<div style="font-family:tahoma,sans-serif"><br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a moz-do-not-send="true" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>