[SR-Users] TLS Handshake failing with WSS

Discussion:

Manuel Camarg

2014-09-06 15:23:37 UTC

I'm trying to implement WSS with Kamailio
Thing is that WS works fine, I've followed:
http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket

modparam("tls", "config", "webrtc/tls.cfg")
In a tls.cfg file I have :

[server:default]
method = SSLv23
verify_certificate = no
require_certificate = no
private_key = webrtc/private.key
certificate = webrtc/ssl.pem
ca_list = webrtc/ca_list.pem

In the log file:

/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:178]:
tls_complete_init(): Using TLS domain TLSs<default>
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:700]:
sr_ssl_ctx_info_callback(): SSL handshake started
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]:
tcpconn_do_send(): tcp_send: sending...
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]:
tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=5524
fd=11
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]:
tcpconn_do_send(): tcp_send: buf=#012#026#003#003
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:390]:
io_watch_add(): DBG: io_watch_add(0x8e0040, 11, 2, 0x7f7513516958), fd_no=1
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:712]:
sr_ssl_ctx_info_callback(): SSL handshake done
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_domain.c:715]:
sr_ssl_ctx_info_callback(): SSL disable renegotiation
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:348]:
tls_accept(): TLS accept successful
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:355]:
tls_accept(): tls_accept: new connection from 123.123.123.123:63300 using
TLSv1/SSLv3 AES256-SHA 256
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:358]:
tls_accept(): tls_accept: local socket: 124.124.124.124:10443
/usr/local/sbin/kamailio[4025]: DEBUG: tls [tls_server.c:369]:
tls_accept(): tls_accept: client did not present a certificate
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2556]:
tcpconn_do_send(): tcp_send: sending...
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2590]:
tcpconn_do_send(): tcp_send: after real write: c= 0x7f7513516958 n=282 fd=11
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_main.c:2591]:
tcpconn_do_send(): tcp_send: buf=#012#026#003#003
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:296]:
tcp_read_data(): EOF on 0x7f7513516958, FD 11
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1293]:
tcp_read_req(): tcp_read_req: EOF
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [io_wait.h:617]:
io_watch_del(): DBG: io_watch_del (0x8e0040, 11, -1, 0x10) fd_no=2 called
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1437]:
release_tcpconn(): releasing con 0x7f7513516958, state -1, fd=11, id=2
/usr/local/sbin/kamailio[4025]: DEBUG: <core> [tcp_read.c:1438]:
release_tcpconn(): extra_data 0x7f7513510a88
/usr/local/sbin/kamailio[4029]: DEBUG: <core> [tcp_main.c:3385]:
handle_tcp_child(): handle_tcp_child: reader response= 7f7513516958, -1
from 1
/usr/local/sbin/kamailio[4029]: DEBUG: tls [tls_server.c:597]:
tls_h_close(): Closing SSL connection 0x7f7513510a88

In sipml5 the error:

*Disconnected: Failed to connect to the server*

In the Chrome console:

*__tsip_transport_ws_onerror *
*__tsip_transport_ws_onclose *

SSL certificates seem to be ok:
# openssl verify -CAfile ca_list.pem ssl.pem
ssl.pem: OK

Can't figure out a solution :( Any ideas?

*Manuel Camargo*
TelÃ©fono: 638000836
eMail: sir.louen-***@public.gmane.org

Daniel-Constantin Mierla

2014-09-08 12:57:39 UTC