Dear Ambarish Mitra and others,
There is the following error in system call:
ipMessageTransport: sendMessage: creating new socket
Creating new SSL_CTX
SSL connect: Error in system call.
Could not get server certificate
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
SipMessageTransport: sendMessage: exception thrown!
--------------------------------------------------------------------------------------------------------
regarding the certificates, using the scripts given in OpenSER, I
create a CA and with the same CA I created the following for server
and client
Server:
server-cert
server-privkey
server-calist
Client
client-cert
client-privkey
client-calist
and loaded the sever certs in the server config file and the client
certs in the client config file.....
wat am I missing here, why is it not able to get the server certificate ?
Kindly guide me,
thanks and regards,
Pjothi
On 2/7/06, Ambarish Mitra <[EMAIL PROTECTED]> wrote:
> Use: SSL_get_error(ssl, err);
>
> This will give you more information on SSL_connect failure.
>
> err = SSL_connect (ssl);
> if (err <=0)
> {
> int errcode = SSL_get_error(ssl, err);
> switch(errcode)
> {
> case SSL_ERROR_NONE: break; // Cannot happen if err <=0
> case SSL_ERROR_ZERO_RETURN: fprintf(stderr,"SSL connect returned
> 0.");break;
> case SSL_ERROR_WANT_READ: fprintf(stderr,"SSL connect: Read
> Error.");break;
> case SSL_ERROR_WANT_WRITE: fprintf(stderr,"SSL connect: Write
> Error.");break;
> case SSL_ERROR_WANT_CONNECT: fprintf(stderr,"SSL connect: Error
> connect."); break;
> case SSL_ERROR_WANT_ACCEPT: fprintf(stderr,"SSL connect: Error
> accept."); break;
> case SSL_ERROR_WANT_X509_LOOKUP: fprintf(stderr,"SSL connect error:
> X509 lookup."); break;
> case SSL_ERROR_SYSCALL: fprintf(stderr,"SSL connect: Error in system
> call."); break;
> case SSL_ERROR_SSL: fprintf(stderr,"SSL connect: Protocol Error.");
> break;
>
> default: fprintf(stderr,"Failed SSL connect.");
> }
> }
>
> Let the group know the result - they we can guide better.
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Pjothi
> Sent: Tuesday, February 07, 2006 3:53 PM
> To: openssl-users@openssl.org
> Subject: possible reasons for SSL_connect() failure
>
>
> Dear all,
>
> I am trying to connect a tls enabled sip client(minisip: latest svn
> extracted version) with a tls enabled SIP proxy - OpenSER.(listening
> on port:5061). Its a simple LAN scenario.
>
> Problem:
>
> When (minisip) client tries to connect to the server(OpenSER), I get a
> SSL_connect() failed exception. As I understand only after
> SSL_connect(), the client ever checks the peer certificate. I cannot
> understand, what could be the possible reasons for a SSL_connect()
> failure. The server machine has Openssl installed (openssl 0.9.7g).
> Since its failing and not refused by the server, I am confident it
> tries in the correct post 5061 and a TCP socket is also being
> established.
>
> kindly let me know what could be the possible reasons of a SSL_connect
> failure and suggestions to solve it
>
> thanks and regards,
> Pjothi
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
