<div style="font-family: Arial; font-size: 14px;">Hi All</div><div style="font-family: Arial; font-size: 14px;"><br></div><div style="font-family: Arial; font-size: 14px;">I am trying to get tls working with my letsencrypt cert but i keep getting this error</div><div style="font-family: Arial; font-size: 14px;"><br></div><div style="font-family: Arial; font-size: 14px;"><span>ERROR:tls_openssl:openssl_tls_accept: SSL_ERROR_SYSCALL err=Success(0)</span><br></div><div style="font-family: Arial; font-size: 14px;"><span><span>ERROR:tls_openssl:openssl_tls_accept: New TLS connection from xxxx:47817 failed to accept</span><br></span></div><div style="font-family: Arial; font-size: 14px;"><span><span>Dec 15 16:32:54 [localhost] /usr/sbin/opensips[4373]: ERROR:proto_wss:wss_read_req: cannot fix read connection</span></span></div><div style="font-family: Arial; font-size: 14px;"><span><br></span></div><div style="font-family: Arial; font-size: 14px;"><span>my config is as follows</span></div><div style="font-family: Arial; font-size: 14px;"><span><span>loadmodule "tls_openssl.so"</span></span></div><div style="font-family: Arial; font-size: 14px;"><span><br></span></div><div style="font-family: Arial; font-size: 14px;"><span><span>modparam("tls_mgm", "server_domain", "sip")</span><div><span>modparam("tls_mgm", "ca_list", "[sip]/etc/letsencrypt/fullchain.pem")</span></div><div><span>modparam("tls_mgm", "certificate", "[sip]/etc/opensips/tls/cert.pem")</span></div><div><span>modparam("tls_mgm", "private_key", "[sip]/etc/opensips/tls/ckey.pem")</span></div><div><span>modparam("tls_mgm", "require_cert", "[sip]0")</span></div><div><span>modparam("tls_mgm", "tls_method", "[sip]TLSv1")</span></div><div><span>modparam("tls_mgm", "verify_cert", "[sip]0")</span></div><div><span>modparam("tls_mgm", "match_sip_domain", "[sip]*")</span></div><div><span>modparam("tls_mgm", "match_ip_address", "[sip]*")</span></div><div><br></div><div><span>modparam("tls_mgm", "client_domain", "sip1")</span></div><div><span>modparam("tls_mgm", "ca_list", "[sip1]/etc/letsencrypt/fullchain.pem")</span></div><div><span>modparam("tls_mgm", "certificate", "[sip1]/etc/opensips/tls/cert.pem")</span></div><div><span>modparam("tls_mgm", "private_key", "[sip1]/etc/opensips/tls/ckey.pem")</span></div><div><span>modparam("tls_mgm", "require_cert", "[sip1]0")</span></div><div><span>modparam("tls_mgm", "tls_method", "[sip1]TLSv1")</span></div><div><span>modparam("tls_mgm", "verify_cert", "[sip1]0")</span></div><div><span>modparam("tls_mgm", "match_sip_domain", "[sip]*")</span></div><div><span>modparam("tls_mgm", "match_ip_address", "[sip]*")</span></div><div><br></div><div><span>loadmodule "proto_wss.so"</span></div><div><span>modparam("proto_wss", "require_origin", no)</span></div><div><span>loadmodule "proto_ws.so"</span></div><div><span>modparam("proto_ws", "require_origin", no)</span></div><span></span><div style="font-family: Arial; font-size: 14px;"><span><br></span></div>i have tried wolfssl aswell</span></div><div style="font-family: Arial; font-size: 14px;"><span>any ideas :(<br><span></span><br></span></div><div style="font-family: Arial; font-size: 14px;"><br></div>
<div class="protonmail_signature_block" style="font-family: Arial; font-size: 14px;">
<div class="protonmail_signature_block-user protonmail_signature_block-empty">
</div>
<div class="protonmail_signature_block-proton">
Sent with <a target="_blank" href="https://proton.me/" rel="noopener noreferrer">Proton Mail</a> secure email.
</div>
</div>