[prev in list] [next in list] [prev in thread] [next in thread]
List: serusers
Subject: [SR-Users] Errors with TLS
From: SAMUEL MOYA TINOCO via sr-users <sr-users () lists ! kamailio ! org>
Date: 2023-12-21 7:28:13
Message-ID: GV1PR10MB607420DFC4B7C5F4785560F7D795A () GV1PR10MB6074 ! EURPRD10 ! PROD ! OUTLOOK ! COM
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi everyone,
All my environment was working properly. But a few days ago I've started to have \
problems with my websocket connectios. Everytime I try to register my websocket \
Kamailio log this
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls \
[tls_server.c:1330]: tls_h_read_f(): protocol level error
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_util.h:50]: \
tls_err_ret(): TLS accept:error:0A000416:SSL routines::sslv3 alert certificate \
unknown (sni: unknown)
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls \
[tls_server.c:1334]: tls_h_read_f(): src addr: IP_webclient:61423
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls \
[tls_server.c:1337]: tls_h_read_f(): dst addr: IP_Kamailio:8443
Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: ERROR: <core> \
[core/tcp_read.c:1476]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: \
0x7fbc423053b0 r: 0x7fbc423054d8 (-1)
My tls.cfg:
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = yes
private_key = /etc/kamailio/cert/clave_SSL.key
certificate = /etc/kamailio/cert/certificado.pem
Kamailio version:
root@prod-kamailio:/etc/kamailio# kamailio -v
version: kamailio 5.6.3 (x86_64/linux)
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, \
USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, \
DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, \
USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED \
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE \
65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, \
select.
id: unknown
compiled with gcc 12.2.0
I don't know why it stopped working. And I'm not sure what to do or what to check.
Has anyone faced this problem?
Any help would be appreciated
Thanks in advance
Samuel Moya Tinoco
Departamento de Sistemas y Redes
Móvil: (+34) 606985997
smoya@vivelibre.es<mailto:smoya@vivelibre.es>
[cid:image001.png@01DA33E6.D2D833D0]
Soluciones inteligentes
para la autonomía personal
[Attachment #5 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;
mso-fareast-language:EN-US;}
span.EstiloCorreo17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="ES" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Hi everyone,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">All my environment was working properly. But \
a few days ago I’ve started to have problems with my websocket connectios. \
Everytime I try to register my websocket Kamailio log this<o:p></o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US" style="font-family:Consolas">Dec 20 09:02:10 \
prod-kamailio /usr/sbin/kamailio[599]: ERROR: tls [tls_server.c:1330]: \
tls_h_read_f(): protocol level error<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US" style="font-family:Consolas">Dec 20 09:02:10 prod-kamailio \
/usr/sbin/kamailio[599]: ERROR: tls [tls_util.h:50]: tls_err_ret(): TLS \
accept:error:0A000416:SSL routines::sslv3 alert certificate unknown (sni: \
unknown)<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: \
ERROR: tls [tls_server.c:1334]: tls_h_read_f(): src addr: \
IP_webclient:61423<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: \
ERROR: tls [tls_server.c:1337]: tls_h_read_f(): dst addr: \
IP_Kamailio:8443<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">Dec 20 09:02:10 prod-kamailio /usr/sbin/kamailio[599]: \
ERROR: <core> [core/tcp_read.c:1476]: tcp_read_req(): ERROR: tcp_read_req: \
error reading - c: 0x7fbc423053b0 r: 0x7fbc423054d8 (-1)<o:p></o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US">My tls.cfg:<o:p></o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">[server:default]<o:p></o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US" style="font-family:Consolas">method = \
TLSv1.2+<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">verify_certificate = no<o:p></o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US" style="font-family:Consolas">require_certificate \
= yes<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">private_key = \
/etc/kamailio/cert/clave_SSL.key<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-family:Consolas">certificate = \
/etc/kamailio/cert/certificado.pem<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-family:Consolas"><o:p> </o:p></span></p> <p \
class="MsoNormal">Kamailio version:<o:p></o:p></p> <p class="MsoNormal"><span \
style="font-family:Consolas">root@prod-kamailio:/etc/kamailio# kamailio \
-v<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">version: kamailio 5.6.3 \
(x86_64/linux)<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, \
USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, \
F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, \
USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, \
TLS_PTHREAD_MUTEX_SHARED<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US" style="font-family:Consolas">ADAPTIVE_WAIT_LOOPS 1024, \
MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE \
8MB<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">poll method support: poll, epoll_lt, epoll_et, sigio_rt, \
select.<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas">id: unknown<o:p></o:p></span></p> <p \
class="MsoNormal"><span lang="EN-US" style="font-family:Consolas">compiled with gcc \
12.2.0<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US" \
style="font-family:Consolas"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US">I don’t know why it stopped working. And I’m not sure what \
to do or what to check. <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Has anyone faced this \
problem?<o:p></o:p></span></p> <p class="MsoNormal"><span lang="EN-US">Any help would \
be appreciated <o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US">Thanks in advance<o:p></o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
lang="EN-US"><o:p> </o:p></span></p> <table class="MsoNormalTable" border="0" \
cellspacing="0" cellpadding="0" style="border-collapse:collapse"> <tbody>
<tr>
<td width="423" colspan="2" valign="top" style="width:317.25pt;padding:0cm 5.4pt 0cm \
5.4pt"> <p class="MsoNormal" style="line-height:115%"><b><span \
style="mso-ligatures:none;mso-fareast-language:ES">Samuel Moya Tinoco</span></b><span \
style="mso-ligatures:none;mso-fareast-language:ES"><o:p></o:p></span></p> <p \
class="MsoNormal" style="line-height:115%"><span \
style="mso-ligatures:none;mso-fareast-language:ES">Departamento de Sistemas y Redes \
<o:p></o:p></span></p> <p class="MsoNormal" style="line-height:115%"><span \
lang="EN-US" style="mso-ligatures:none;mso-fareast-language:ES">Móvil: (+34) \
606985997<o:p></o:p></span></p> <p class="MsoNormal" style="line-height:115%"><span \
style="color:#1F497D;mso-ligatures:none;mso-fareast-language:ES"><a \
href="mailto:smoya@vivelibre.es"><span style="color:#0563C1">smoya</span><span \
lang="EN-US" style="color:#0563C1">@vivelibre.es</span></a></span><span lang="EN-US" \
style="mso-ligatures:none;mso-fareast-language:ES"><o:p></o:p></span></p> <p \
class="MsoNormal" style="line-height:115%"><span lang="EN-US" \
style="color:#1F497D;mso-ligatures:none;mso-fareast-language:ES"> </span><span \
lang="EN-US" style="mso-ligatures:none;mso-fareast-language:ES"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width="189" valign="top" style="width:5.0cm;padding:0cm 5.4pt 0cm 5.4pt">
<p class="MsoNormal" align="center" style="text-align:center;line-height:115%"><span \
style="font-size:5.0pt;line-height:115%;mso-ligatures:none;mso-fareast-language:ES"><o:p> </o:p></span></p>
<p class="MsoNormal" align="center" style="text-align:center;line-height:115%"><span \
style="mso-fareast-language:ES"><img border="0" width="110" height="46" \
style="width:1.15in;height:.4833in" id="_x0030__x0020_Imagen" \
src="cid:image001.png@01DA33E6.D2D833D0"><span \
style="mso-ligatures:none"><o:p></o:p></span></span></p> <p class="MsoNormal" \
align="center" style="text-align:center;line-height:115%"><span \
style="font-size:5.0pt;line-height:115%;mso-ligatures:none;mso-fareast-language:ES"><o:p> </o:p></span></p>
<p class="MsoNormal" align="center" style="text-align:center;line-height:115%"><span \
style="font-size:10.0pt;line-height:115%;mso-ligatures:none;mso-fareast-language:ES">Soluciones \
inteligentes <br>
para la autonomía personal</span><span \
style="mso-ligatures:none;mso-fareast-language:ES"><o:p></o:p></span></p> <p \
class="MsoNormal" align="center" style="text-align:center;line-height:50%"><span \
style="color:#1F497D;mso-ligatures:none;mso-fareast-language:ES"> </span><span \
style="mso-ligatures:none;mso-fareast-language:ES"><o:p></o:p></span></p> </td>
<td width="423" style="width:317.25pt;padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span \
style="mso-ligatures:none;mso-fareast-language:ES"> </span><span \
style="mso-ligatures:none"><o:p></o:p></span></p> </td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span \
style="mso-ligatures:none;mso-fareast-language:ES"><o:p> </o:p></span></p> <p \
class="MsoNormal"><o:p> </o:p></p> </div>
</body>
</html>
["image001.png" (image/png)]
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
--===============1338370734==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic