<div dir="ltr">Hi All , <div><br></div><div>I am using opensips 3.2 from very long time . For TLS connection I was using our domain specific certificate and private key which was authorized by some verified organization . With that my TLS connection with the server is getting established and also I am able to get REGISTER and INVITE request on the connection . </div><div><br></div><div><br></div><div>Rather than this , when I build opensips with TLS=1 opensips itself creates its own rootCA . If I am using those crt and private key file for TLS connection the connection get established but I am not getting any request . What can be the reason . </div><div><br></div><div>My configuration is like below . </div><div><br></div><div>modparam("tls_mgm", "server_domain", "dom3")<br>modparam("tls_mgm", "match_ip_address", "[dom3]20.1.x.y:5061")<br>modparam("tls_mgm", "match_sip_domain", "[dom3]none")<br>#
20.1.x.y this is my servers private IP on which I have configured TLS socket . <br>modparam("tls_mgm", "tls_method", "[dom3]-TLSv1_2")<br><br>modparam("tls_mgm", "certificate", "[dom3]/etc/opensips/tls/rootCA/cacert.pem")<br>modparam("tls_mgm", "private_key", "[dom3]/etc/opensips/tls/rootCA/private/cakey.pem")<br>modparam("tls_mgm", "ca_list", "[dom3]/etc/opensips/tls/rootCA/certs/01.pem")<br><br>modparam("tls_mgm", "require_cert", "[dom3]0")<br>modparam("tls_mgm", "verify_cert", "[dom3]1")<br></div><div><br></div><div>In the logs I am getting below message </div><div><br></div><div><b>2024-08-29T07:14:59.213460+00:00 ip-20-1-205-63 /sbin/opensips[22895]: INFO:tls_openssl:openssl_tls_accept: New TLS connection from x.x.x.x:20219 accepted<br>2024-08-29T07:14:59.213866+00:00 ip-20-1-205-63 /sbin/opensips[22895]: INFO:tls_openssl:openssl_tls_accept: Client did not present a TLS certificate<br>2024-08-29T07:14:59.214064+00:00 ip-20-1-205-63 /sbin/opensips[22895]: INFO:tls_openssl:tls_dump_cert_info: tls_accept: local TLS server certificate subject: /CN=OpenSIPS/ST=<a href="http://opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org">opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org</a>, issuer: /CN=OpenSIPS/ST=<a href="http://opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org">opensips.org/C=IP/emailAddress=team@opensips.org/O=opensips.org</a></b><br></div><div><br></div><div>I have added siptrace and tracing to the DB as well . I am not getting any SIP messages on the 2nd case . What can be the reason for this ? This is quite critical to me . Please do help. </div><div><br></div><div><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><b><i>Thanks & Regards</i></b><div><i>Sasmita Panda</i></div><div><i>Senior Network Testing and Software Engineer</i></div><div><i>3CLogic , ph:07827611765</i></div></div></div></div></div></div></div></div>