
<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">

</head>

<body>

<div dir="auto">Kindly help me in identifying where I am wrong.</div>

<div><br>

</div>

<div id="ms-outlook-mobile-signature" dir="auto">Sent from <a href="https://aka.ms/AAb9ysg">

Outlook for Android</a></div>

<hr style="display:inline-block;width:98%" tabindex="-1">

<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Prathibha B <prathibhab.tvm@gmail.com><br>

<b>Sent:</b> Saturday, February 15, 2025 7:11:22 PM<br>

<b>To:</b> OpenSIPS users mailling list <users@lists.opensips.org><br>

<b>Subject:</b> Re: Mid Registrar error</font>

<div> </div>

</div>

<div>

<div dir="ltr">opensips.cfg 

<div><br>

</div>

<div>####### Global Parameters #########<br>

<br>

log_level=7<br>

xlog_level=7<br>

stderror_enabled=no<br>

syslog_enabled=yes<br>

syslog_facility=LOG_LOCAL0<br>

<br>

udp_workers=4<br>

<br>

open_files_limit=4096<br>

<br>

tcp_connect_timeout=1000<br>

<br>

/* comment the next line to enable the auto discovery of local aliases<br>

   based on revers DNS on IPs */<br>

auto_aliases=no<br>

<br>

<br>

socket=udp:x.x.x.x:5060<br>

socket=wss:x.x.x.x:443<br>

alias="wss:xxxxx:443"<br>

advertised_address="xxxxx"<br>

advertised_address="x.x.x.x"<br>

<br>

<br>

####### Modules Section ########<br>

<br>

#set module path<br>

mpath="/usr/local/lib64/opensips/modules/"<br>

loadmodule "uac.so"<br>

loadmodule "mid_registrar.so"<br>

modparam("mid_registrar", "mode", 2) /* 0 = mirror / 1 = ct / 2 = AoR */<br>

modparam("mid_registrar", "outgoing_expires", 7200)<br>

modparam("mid_registrar", "received_avp", "$avp(received)")<br>

modparam("mid_registrar", "pn_enable", true)<br>

modparam("mid_registrar", "pn_providers", "apns,fcm,webpush")<br>

modparam("mid_registrar", "min_expires", 300)<br>

modparam("mid_registrar", "contact_id_insertion", "ct-username")<br>

modparam("mid_registrar", "contact_id_param", "ctid")<br>

<br>

<br>

#### SIGNALING module<br>

loadmodule "signaling.so"<br>

<br>

#### StateLess module<br>

loadmodule "sl.so"<br>

<br>

#### Transaction Module<br>

loadmodule "tm.so"<br>

modparam("tm", "fr_timeout", 5)<br>

modparam("tm", "fr_inv_timeout", 30)<br>

modparam("tm", "restart_fr_on_each_reply", 0)<br>

modparam("tm", "onreply_avp_mode", 1)<br>

<br>

loadmodule "nathelper.so"<br>

modparam("nathelper", "received_avp", "$avp(received)")<br>

<br>

<br>

#### Record Route Module<br>

loadmodule "rr.so"<br>

/* do not append from tag to the RR (no need for this script) */<br>

modparam("rr", "append_fromtag", 1)<br>

<br>

#### MAX ForWarD module<br>

loadmodule "maxfwd.so"<br>

<br>

loadmodule "path.so"<br>

<br>

#### SIP MSG OPerationS module<br>

loadmodule "sipmsgops.so"<br>

<br>

#### FIFO Management Interface<br>

loadmodule "mi_fifo.so"<br>

modparam("mi_fifo", "fifo_name", "/var/run/opensips/opensips_fifo")<br>

modparam("mi_fifo", "fifo_mode", 0666)<br>

<br>

<br>

#### URI module<br>

#loadmodule "uri.so"<br>

#modparam("uri", "use_uri_table", 0)<br>

loadmodule "db_mysql.so"<br>

#### USeR LOCation module<br>

loadmodule "usrloc.so"<br>

modparam("usrloc", "nat_bflag", "UAS_NAT")<br>

modparam("usrloc", "working_mode_preset", "single-instance-sql-write-back")<br>

modparam("usrloc", "db_url",<br>

    "mysql://root:root@localhost:3306/opensips")<br>

<br>

#### REGISTRAR module<br>

#loadmodule "registrar.so"<br>

<br>

/* uncomment the next line not to allow more than 10 contacts per AOR */<br>

#modparam("registrar", "max_contacts", 10)<br>

<br>

#### ACCounting module<br>

loadmodule "acc.so"<br>

/* what special events should be accounted ? */<br>

modparam("acc", "early_media", 0)<br>

modparam("acc", "report_cancels", 0)<br>

/* by default we do not adjust the direct of the sequential requests.<br>

   if you enable this parameter, be sure the enable "append_fromtag"<br>

   in "rr" module */<br>

modparam("acc", "detect_direction", 0)<br>

<br>

<br>

#### UDP protocol<br>

loadmodule "proto_udp.so"<br>

<br>

#loadmodule "proto_tcp.so"<br>

#modparam("proto_tcp","tcp_async",1)<br>

loadmodule "proto_tls.so"<br>

# WS and WSS module<br>

loadmodule "proto_wss.so"<br>

loadmodule "proto_ws.so"<br>

modparam("proto_wss", "wss_max_msg_chunks", 16)<br>

#modparam("proto_wss", "require_origin", no)<br>

#modparam("proto_ws", "require_origin", no)<br>

#modparam("proto_wss", "wss_port", 443)<br>

#modparam("proto_wss", "wss_handshake_timeout", 500)<br>

#modparam("proto_wss", "wss_tls_handshake_timeout", 500)<br>

#modparam("proto_wss", "wss_resource", "/")<br>

#modparam("proto_wss", "tls_method", "TLSv1")<br>

#modparam("proto_wss", "trace_on", 1)<br>

<br>

loadmodule "textops.so"<br>

<br>

## TLS Management<br>

loadmodule "tls_openssl.so"<br>

loadmodule "tls_mgm.so"<br>

modparam("tls_mgm", "tls_library", "openssl")<br>

modparam("tls_mgm", "client_domain","dom")<br>

modparam("tls_mgm", "ca_dir", "[dom]/etc/certs/")<br>

modparam("tls_mgm", "ca_list", "[dom]/etc/certs/isrgrootx1.pem")<br>

#modparam("tls_mgm", "ca_list", "[dom]/etc/certs/fullchain.pem")<br>

#modparam("tls_mgm", "ca_list", "[dom]/etc/certs/isrg-root-x1-cross-signed.pem")<br>

modparam("tls_mgm", "verify_cert", "[dom]0")<br>

modparam("tls_mgm", "require_cert", "[dom]0")<br>

modparam("tls_mgm", "match_sip_domain", "[dom]*")<br>

modparam("tls_mgm", "match_ip_address", "[dom]*")<br>

modparam("tls_mgm", "certificate","[dom]/etc/certs/fullchain.pem")<br>

modparam("tls_mgm","private_key","[dom]/etc/certs/privkey.pem")<br>

#modparam("tls_mgm", "ciphers_list", "[dom]AES128-SHA256:AES256-SHA")<br>

<br>

<br>

<br>

modparam("tls_mgm","server_domain", "dom1")<br>

modparam("tls_mgm", "match_sip_domain", "[dom1]xxxxx")<br>

modparam("tls_mgm", "match_ip_address", "[dom1]x.x.x.x:443")<br>

modparam("tls_mgm", "verify_cert", "[dom1]0")<br>

modparam("tls_mgm", "require_cert", "[dom1]0")<br>

modparam("tls_mgm", "ca_dir", "[dom1]/etc/certs/")<br>

#modparam("tls_mgm", "ca_list", "[dom1]/etc/certs/fullchain.pem")<br>

modparam("tls_mgm", "ca_list", "[dom1]/etc/certs/isrgrootx1.pem")<br>

#modparam("tls_mgm", "ca_list", "[xxxxx]/etc/certs/isrg-root-x1-cross-signed.pem")<br>

modparam("tls_mgm", "certificate","[dom1]/etc/certs/fullchain.pem")<br>

modparam("tls_mgm","private_key","[dom1]/etc/certs/privkey.pem")<br>

modparam("tls_mgm", "tls_method", "[dom1]TLSv1_3")<br>

#modparam("tls_mgm", "tls_method", "[dom]TLSv1_3")<br>

#modparam("tls_mgm", "ciphers_list", "[dom1]AES128-SHA256:AES256-SHA")<br>

<br>

<br>

modparam("tls_mgm","server_domain", "dom2")<br>

modparam("tls_mgm", "match_sip_domain", "[dom2]xxxxx")<br>

modparam("tls_mgm", "match_ip_address", "[dom2]x.x.x.x:1443")<br>

modparam("tls_mgm", "verify_cert", "[dom2]0")<br>

modparam("tls_mgm", "require_cert", "[dom2]0")<br>

modparam("tls_mgm", "ca_dir", "[dom2]/etc/certs/")<br>

#modparam("tls_mgm", "ca_list", "[dom2]/etc/certs/fullchain.pem")<br>

modparam("tls_mgm", "ca_list", "[dom2]/etc/certs/isrgrootx1.pem")<br>

#modparam("tls_mgm", "ca_list", "[xxxxx]/etc/certs/isrg-root-x1-cross-signed.pem")<br>

modparam("tls_mgm", "certificate","[dom2]/etc/certs/fullchain.pem")<br>

modparam("tls_mgm","private_key","[dom2]/etc/certs/privkey.pem")<br>

modparam("tls_mgm", "tls_method", "[dom2]TLSv1_3")<br>

#modparam("tls_mgm", "ciphers_list", "[dom2]AES128-SHA256:AES256-SHA")<br>

<br>

loadmodule "rest_client.so"<br>

loadmodule "event_routing.so"<br>

<br>

####### Routing Logic ########<br>

<br>

# main request routing logic<br>

<br>

route{<br>

if (!mf_process_maxfwd_header(10)) {<br>

sl_send_reply(483,"Too Many Hops");<br>

exit;<br>

}<br>

<br>

if (has_totag()) {<br>

# sequential requests within a dialog should<br>

# take the path determined by record-routing<br>

if (loose_route()) {<br>

<br>

if (is_method("BYE")) {<br>

# do accunting, even if the transaction fails<br>

do_accounting("log","failed");<br>

} else if (is_method("INVITE")) {<br>

xlog("In INVITE1");<br>

# even if in most of the cases is useless, do RR for<br>

# re-INVITEs alos, as some buggy clients do change route set<br>

# during the dialog.<br>

record_route();<br>

}<br>

<br>

# route it out to whatever destination was set by loose_route()<br>

# in $du (destination URI).<br>

route(relay);<br>

} else {<br>

<br>

if ( is_method("ACK") ) {<br>

if ( t_check_trans() ) {<br>

# non loose-route, but stateful ACK; must be an ACK after <br>

# a 487 or e.g. 404 from upstream server<br>

t_relay();<br>

exit;<br>

} else {<br>

# ACK without matching transaction -><br>

# ignore and discard<br>

exit;<br>

}<br>

}<br>

sl_send_reply(404,"Not here");<br>

}<br>

exit;<br>

}<br>

<br>

# CANCEL processing<br>

if (is_method("CANCEL"))<br>

{<br>

if (t_check_trans())<br>

t_relay();<br>

exit;<br>

}<br>

<br>

t_check_trans();<br>

<br>

if (is_method("REGISTER")) {<br>

       fix_nated_register();<br>

add_path_received();<br>

mid_registrar_save("location",'path-received');<br>

switch ($retcode) {<br>

case 1:<br>

$ru = "sip:asteriskprivateip:1443;transport=wss";<br>

if (!t_relay()) {<br>

        xlog("L_ERR", "Failed to forward call to Asterisk \n");<br>

       send_reply(500, "Internal Server Error");<br>

    }<br>

break;<br>

case 2:<br>

xlog("absorbing REGISTER! ($$ci=$ci)\n");<br>

break;<br>

default:<br>

xlog("failed to save registration! ($$ci=$ci)\n");<br>

}<br>

<br>

exit;<br>

}<br>

<br>

# preloaded route checking<br>

if (loose_route()) {<br>

xlog("L_ERR",<br>

"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");<br>

if (!is_method("ACK"))<br>

sl_send_reply(403,"Preload Route denied");<br>

exit;<br>

}<br>

<br>

# record routing<br>

if (!is_method("REGISTER|MESSAGE"))<br>

record_route();<br>

<br>

<br>

# account only INVITEs<br>

if (is_method("INVITE")) {<br>

$ru="sip:asteriskprivateip:1443;transport=wss;";<br>

        t_relay();<br>

}<br>

<br>

# requests for my domain<br>

if (is_method("PUBLISH|SUBSCRIBE"))<br>

{<br>

sl_send_reply(503, "Service Unavailable");<br>

exit;<br>

}<br>

<br>

if ($rU==NULL) {<br>

# request with no Username in RURI<br>

sl_send_reply(484,"Address Incomplete");<br>

exit;<br>

}<br>

<br>

<br>

if (has_totag()) {<br>

if (is_method("ACK") && t_check_trans()) {<br>

t_relay();<br>

exit;<br>

}<br>

<br>

if (!loose_route()) {<br>

send_reply(404, "Not Found");<br>

exit;<br>

}<br>

<br>

if (!is_method("ACK")) {<br>

}<br>

route(relay);<br>

exit;<br>

}<br>

<br>

<br>

# when routing via usrloc, log the missed calls also<br>

do_accounting("log","missed");<br>

route(relay);<br>

}<br>

<br>

<br>

route[relay] {<br>

# for INVITEs enable some additional helper routes<br>

if (is_method("INVITE")) {<br>

t_on_branch("per_branch_ops");<br>

t_on_reply("handle_nat");<br>

t_on_failure("missed_call");<br>

}<br>

<br>

if (!t_relay()) {<br>

send_reply(500,"Internal Error");<br>

};<br>

exit;<br>

}<br>

<br>

<br>

<br>

<br>

branch_route[per_branch_ops] {<br>

xlog("new branch at $ru\n");<br>

}<br>

<br>

<br>

onreply_route[handle_nat] {<br>

<br>

xlog("incoming reply\n");<br>

}<br>

<br>

<br>

failure_route[missed_call] {<br>

if (t_was_cancelled()) {<br>

exit;<br>

}<br>

}</div>

</div>

<div id="x_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br>

<table style="border-top:1px solid #d3d4de">

<tbody>

<tr>

<td style="width:55px; padding-top:13px"><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" target="_blank"><img src="https://s-install.avcdn.net/ipm/preview/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif" alt="" width="46" height="29" style="width:46px; height:29px"></a></td>

<td style="width:470px; padding-top:12px; color:#41424e; font-size:13px; font-family:Arial,Helvetica,sans-serif; line-height:18px">

Virus-free.<a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" target="_blank" style="color:#4453ea">www.avast.com</a></td>

</tr>

</tbody>

</table>

<a href="#x_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"></a></div>

<br>

<div class="x_gmail_quote x_gmail_quote_container">

<div dir="ltr" class="x_gmail_attr">On Sat, 15 Feb 2025 at 10:51, Prathibha B <<a href="mailto:prathibhab.tvm@gmail.com">prathibhab.tvm@gmail.com</a>> wrote:<br>

</div>

<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">

<div dir="ltr">

<div>Hello,</div>

<div><br>

</div>

<div>When calling from webrtc client to asterisk via opensips, I'm getting the following error message:</div>

<div><br>

</div>

<div>

<div style="box-sizing:border-box; display:flex; color:rgb(31,35,40); font-family:-apple-system,BlinkMacSystemFont,"Segoe UI","Noto Sans",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji"; font-size:14px">

<div style="box-sizing:border-box; min-width:0px">

<div style="box-sizing:border-box; display:flex; border-radius:6px; border-width:1px; border-style:solid; padding-top:0px; padding-bottom:0px">

<div style="box-sizing:border-box; display:flex">

<div style="box-sizing:border-box; width:790.08px">

<div style="box-sizing:border-box; display:flex; margin:16px">

<div style="box-sizing:border-box; font-size:16px; line-height:1.5">

<div style="box-sizing:border-box; font-size:14px; line-height:1.5; max-width:100%; margin-top:0px; margin-bottom:0px">

<p dir="auto" style="box-sizing:border-box; margin-top:0px; margin-bottom:0px">ERROR:tls_openssl:openssl_tls_write: TLS write error:<br style="box-sizing:border-box">

/usr/local/sbin/opensips[1372222]: ERROR:tls_openssl:openssl_tls_blocking_write: TLS failed to send data<br style="box-sizing:border-box">

/usr/local/sbin/opensips[1372222]: ERROR:tls_openssl:openssl_tls_write: TLS connection to

<a href="http://10.203.0.6:55668" target="_blank">10.203.0.6:55668</a> write failed (5:-1:9)<br style="box-sizing:border-box">

ngdcs /usr/local/sbin/opensips[1372222]: ERROR:tls_openssl:openssl_tls_write: TLS write error:<br style="box-sizing:border-box">

/usr/local/sbin/opensips[1372222]: ERROR:tls_openssl:openssl_tls_blocking_write: TLS failed to send data</p>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

</div>

<div style="box-sizing:border-box; display:flex; color:rgb(31,35,40); font-family:-apple-system,BlinkMacSystemFont,"Segoe UI","Noto Sans",Helvetica,Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji"; font-size:14px">

<br>

</div>

</div>

<div>How to resolve this issue?</div>

<span class="x_gmail_signature_prefix">-- </span><br>

<div dir="ltr" class="x_gmail_signature">

<div dir="ltr">

<div>Regards,</div>

<div>B.Prathibha<br>

</div>

</div>

</div>

</div>

</blockquote>

</div>

<div><br clear="all">

</div>

<div><br>

</div>

<span class="x_gmail_signature_prefix">-- </span><br>

<div dir="ltr" class="x_gmail_signature">

<div dir="ltr">

<div>Regards,</div>

<div>B.Prathibha<br>

</div>

</div>

</div>

</div>

</body>

</html>