<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <font face="monospace">Hi Francisco,<br>
      <br>
      So, if you use wildcard for </font><font face="monospace">match_sip_domain
      in the client TLS domain, doesn't work for you ?<br>
      <br>
      Regards.<br>
    </font>
    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  <a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
  <a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
    <div class="moz-cite-prefix">On 8/10/22 5:03 PM, Francisco Neto
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:d8ec8b2d-9ffb-4741-a3b4-63ff4f662376@Spark">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <title></title>
      <div name="messageBodySection">
        <div dir="auto">Hi Bogdan-Andrei!<br>
          <br>
          I’ve made the changes and now I can edit the TLS certificates
          normally by control panel but I continue having a problem.<br>
          <br>
          If I configure the certificate directly on the configuration
          file the connection with Microsoft Teams is correctly
          established, if I configure through control panel, I receive
          on log the following messages:<br>
          <br>
          ERROR:proto_tls:proto_tls_conn_init: no TLS client domain
          found<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:core:tcp_conn_create: failed to do proto 3 specific init
          for conn 0x7f22a5f993d0<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:core:tcp_sync_connect: tcp_conn_create failed, closing
          the socket<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:proto_tls:proto_tls_send: connect failed<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:tm:msg_send: send() to 52.114.132.46:5061 for proto
          tls/3 failed<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:tm:t_uac: attempt to send to
          '<a class="moz-txt-link-freetext" href="sip:sip.pstnhub.microsoft.com">sip:sip.pstnhub.microsoft.com</a>' failed<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:proto_tls:proto_tls_conn_init: no TLS client domain
          found<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:core:tcp_conn_create: failed to do proto 3 specific init
          for conn 0x7f22a5f91420<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:core:tcp_sync_connect: tcp_conn_create failed, closing
          the socket<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:proto_tls:proto_tls_send: connect failed<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:tm:msg_send: send() to 52.114.76.76:5061 for proto tls/3
          failed<br>
          Aug 10 11:00:04 bowser /usr/sbin/opensips[55047]:
          ERROR:tm:t_uac: attempt to send to
          '<a class="moz-txt-link-freetext" href="sip:sip2.pstnhub.microsoft.com">sip:sip2.pstnhub.microsoft.com</a>' failed<br>
          Aug 10 11:00:05 bowser /usr/sbin/opensips[55047]:
          ERROR:core:tcp_connect_blocking_timeout: connect timed out,
          599667 us elapsed out of 600000 us<br>
          Aug 10 11:00:05 bowser /usr/sbin/opensips[55047]:
          ERROR:core:tcp_sync_connect_fd: tcp_blocking_connect failed<br>
          Aug 10 11:00:05 bowser /usr/sbin/opensips[55047]:
          ERROR:proto_tls:proto_tls_send: connect failed<br>
          Aug 10 11:00:05 bowser /usr/sbin/opensips[55047]:
          ERROR:tm:msg_send: send() to 52.114.32.169:5061 for proto
          tls/3 failed<br>
          Aug 10 11:00:05 bowser /usr/sbin/opensips[55047]:
          ERROR:tm:t_uac: attempt to send to
          '<a class="moz-txt-link-freetext" href="sip:sip3.pstnhub.microsoft.com">sip:sip3.pstnhub.microsoft.com</a>' failed<br>
          Aug 10 11:00:09 bowser /usr/sbin/opensips[55047]:
          ERROR:proto_tls:proto_tls_conn_init: no TLS client domain
          found<br>
          <br>
          I will send attached the screenshot of the control panel and
          below the configuration that works.<br>
          <br>
          If it isn’t related to the same problem tell me and I send the
          message to the open list ok!<br>
          <br>
          Thanks!<br>
          <br>
          # TLS CLIENT<br>
          #modparam("tls_mgm", "client_domain", "sbcsothis")<br>
          #modparam("tls_mgm", "match_sip_domain", "[sbcsothis]*")<br>
          #modparam("tls_mgm", "match_ip_address", "[sbcsothis]*")<br>
          #modparam("tls_mgm", "verify_cert", "[sbcsothis]1")<br>
          #modparam("tls_mgm", "require_cert", "[sbcsothis]1")<br>
          #modparam("tls_mgm", "tls_method", "[sbcsothis]TLSv1-")<br>
          #modparam("tls_mgm", "certificate",
          "[sbcsothis]/etc/opensips/tls/user/sothistelecom.com.crt")<br>
          #modparam("tls_mgm", "private_key",
          "[sbcsothis]/etc/opensips/tls/user/sothistelecom.com.key")<br>
          #modparam("tls_mgm", "ca_list",
          "[sbcsothis]/etc/ssl/certs/ca-certificates.crt")<br>
          #modparam("tls_mgm", "ca_dir",
          "[sbcsothis]/etc/ssl/certs/")Config file<br>
          <br>
        </div>
      </div>
      <div name="messageSignatureSection"><br>
        <div class="matchFont"><img
            src="cid:part1.785A2611.F166D4B1@opensips.org" class=""><br>
        </div>
      </div>
      <div name="messageReplySection">Em 10 de ago. de 2022 04:50 -0300,
        Bogdan-Andrei Iancu <a class="moz-txt-link-rfc2396E" href="mailto:bogdan@opensips.org"><bogdan@opensips.org></a>, escreveu:<br>
        <blockquote type="cite" style="border-left-color: grey;
          border-left-width: thin; border-left-style: solid; margin: 5px
          5px;padding-left: 10px;">
          <font face="monospace">Hi Francisco,<br>
            <br>
            Thanks for the info, it seems it was an issue with the
            validation regexp, see <a class="moz-txt-link-freetext"
href="https://github.com/OpenSIPS/opensips-cp/commit/7558bc7e36c03293858c7086edfc724d56a2b9b4"
              moz-do-not-send="true">
https://github.com/OpenSIPS/opensips-cp/commit/7558bc7e36c03293858c7086edfc724d56a2b9b4</a><br>
            <br>
            So please update from GIT or TAR and give it a try (or
            simply do a manual change as per the diff link).<br>
            <br>
            Let me know if it works now.<br>
            <br>
            Regards,<br>
          </font>
          <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  <a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com" moz-do-not-send="true">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
  <a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/" moz-do-not-send="true">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
          <div class="moz-cite-prefix">On 8/9/22 11:46 PM, Francisco
            Neto wrote:<br>
          </div>
          <blockquote type="cite"
            cite="mid:f66ea8e9-2233-4d72-a00c-816053e9be68@Spark">
            <div name="messageBodySection">
              <div dir="auto">Hi Bogdan-Andrei! How are you!<br>
                <br>
                Below is all the information that you have request ok,
                fell free to ask me if you need something more!<br>
                <br>
                <strong>version: opensips 3.2.5 (x86_64/linux)</strong><br>
                flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP,
                PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC,
                FAST_LOCK-ADAPTIVE_WAIT<br>
                ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144,
                MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535<br>
                poll method support: poll, epoll, sigio_rt, select.<br>
                main.c compiled on with gcc 10<br>
                <br>
                <strong>Opensips Control Panel 9.3.2</strong><br>
                <br>
                <strong>Debian Version 11.2</strong><br>
                <br>
                 <br>
                Thank you very much for the help!<br>
                <br>
              </div>
            </div>
            <div name="messageSignatureSection"><br>
              <div class="matchFont"><img
                  src="cid:part5.FD9717CC.4C36158D@opensips.org"
                  class=""><br>
              </div>
            </div>
            <div name="messageReplySection">Em 9 de ago. de 2022 05:39
              -0300, Bogdan-Andrei Iancu
              <a class="moz-txt-link-rfc2396E"
                href="mailto:bogdan@opensips.org" moz-do-not-send="true"><bogdan@opensips.org></a>,
              escreveu:<br>
              <blockquote type="cite" style="border-left-color: grey;
                border-left-width: thin; border-left-style: solid;
                margin: 5px 5px;padding-left: 10px;">
                <font face="monospace">Hi Francisco,<br>
                  <br>
                  I guess you are talking about managing certificates
                  via the Control Panel, right ? if so, what version of
                  OpenSIPS and OpenSIPS CP are you using ? Also, could
                  you provide a screenshot of the add / update form,
                  showing the issue? IF you have any sensitive data,
                  please send the screenshot privately to me.<br>
                  <br>
                  Best regards,<br>
                </font>
                <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  <a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com" moz-do-not-send="true">https://www.opensips-solutions.com</a>
OpenSIPS Summit 27-30 Sept 2022, Athens
  <a class="moz-txt-link-freetext" href="https://www.opensips.org/events/Summit-2022Athens/" moz-do-not-send="true">https://www.opensips.org/events/Summit-2022Athens/</a></pre>
                <div class="moz-cite-prefix">On 8/3/22 9:27 PM,
                  Francisco Neto via Users wrote:<br>
                </div>
                <blockquote type="cite"
                  cite="mid:86d5afe7-8236-42eb-948a-3e0432b25bf8@Spark">
                  <div name="messageBodySection">
                    <div dir="auto">Hi All!<br>
                      <br>
                      I’ve just installed open sips and everything is
                      working ok, except the TLS Management interface.<br>
                      <br>
                      When I try to add ou update any entry, it only
                      accept “Network Address” as “*”.<br>
                      <br>
                      If I type the IP address as x.x.x.x:port or
                      “x.x.x.x:port” or ‘x.x.x.x:port’ it always
                      complain with the following message: Failed to
                      validate input for match_ip_address<br>
                      <br>
                      Can someone give me a tip of how should I write
                      the IP address or if it a bug?<br>
                      <br>
                      Thanks!</div>
                  </div>
                  <div name="messageSignatureSection"><br>
                    <div class="matchFont"><img
                        src="cid:part9.0C13D810.9ABAE774@opensips.org"
                        class=""><br>
                    </div>
                  </div>
                  <br>
                  <fieldset class="mimeAttachmentHeader"></fieldset>
                  <pre class="moz-quote-pre" wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org" moz-do-not-send="true">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" moz-do-not-send="true">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
                </blockquote>
                <br>
              </blockquote>
            </div>
          </blockquote>
          <br>
        </blockquote>
      </div>
    </blockquote>
    <br>
  </body>
</html>