> From: owner-openssl-us...@openssl.org On Behalf Of prathima > Sent: Wednesday, 07 January, 2009 05:27
(I haven't seen any other response yet, although this is pretty basic) > I am using Microst Live Communication server 2005 as server for > Mutual TLS > authentication with a SIP phone.(Polycom SoundPoint IP 650 as client) > I installed client certificates(generated using Microsot LCS CA) on my > client . > During Mutual TLS authentication, immediately after the > completion of Mutual > TLS handshake, server is resetting the connection with the client. > > Client side logs show the following error: > SSL_get_error Error code=5 (SSL_ERROR_SYSCALL) > Send SSL_get_error 5 = error:00000000:lib(0):func(0):reason(0) > > Could you guys let me know why the LCS server is resetting the connection > with the client? From the logs it shows SSL_ERROR_SYSCALL , can > somebody let > me know > the possible reasons for this error? Are there any config issues on the > server side to be taken care in this respect? > > If the server truly resets (RST at TCP level), the client gets ERROR_SYSCALL because the (next) socket I/O call gives an error. After any ERROR_SYCALL you can (should) check errno on Unix or WSAGetLastError() on Windows, and in this case you should see the value (for your OS/stack, it varies) of ECONNRESET. (In my experience however Microsoft systems usually don't reset, they do a normal TCP disconnect aka FIN even for error cases.) Why the server resets, I can't help you. Doesn't it have any logs you can look at, or if it belongs to someone else ask them to do so? Or a support site/group/whatever for that specific software? Or do you have more detailed logs from the client showing exactly what was done before the reset, and perhaps from another (working) client that shows what would be expected next? That might give some clues, although the server might still be doing something weird for its own reasons irrespective of the client(s). If you don't have such logging in your client, you could try using instead openssl commandline s_client with -msg; that does. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
