Re: [SR-Users] Kamailio TLS client config selection

Hello, thanks, I will review it there. Cheers, Daniel On 02/11/16 07:37, Sergey Basov wrote: > Hi Daniel, > > I have just create pull request for this change. > > https://github.com/kamailio/kamailio/pull/842 > -- > Best regards, > Sergey Basov e-mail: sergey.v.ba...@gmail.c

Re: [SR-Users] Kamailio TLS client config selection

Hi Daniel, I have just create pull request for this change. https://github.com/kamailio/kamailio/pull/842 -- Best regards, Sergey Basov e-mail: sergey.v.ba...@gmail.com tel: (+38067) 403-62-54 2016-11-01 12:09 GMT+02:00 Daniel-Constantin Mierla : > Hello, > > can you open a

Re: [SR-Users] Kamailio TLS client config selection

Hello, can you open a pull request on github with the patch you propose for the fix? - https://github.com/kamailio/kamailio It is easier to review and travis-ci will take care to compile the patch and be sure it doesn't break latest master version. Cheers, Daniel On 26/10/16 08:59, Sergey B

[SR-Users] Kamailio TLS client config selection

Hi Daniel. After some try to configure kamailio 4.4.3 to act as SPI TLS client for Cisco SIP TLS gateways I have found one issue. If I do client configuration for tls [client:10.1.23.19:5061] verify_certificate = yes ca_list = /etc/kamailio/CAs/ca1.pem [client:10.1.23.29:5061] verify_certificat

Re: [SR-Users] kamailio TLS mod_register failed

i dont have "libssl-dev", im using SUSE, by default is coming with "libopenssl-devel" im using SLEs12 with "libopenssl-devel-1.0.1i-34.1" This trick seems is not valid for me :( any other sugestion? Regards, On 13 August 2016 09:44:16 CEST, Daniel-Constantin Mierla wrote: >Hello, > >thank

Re: [SR-Users] kamailio TLS mod_register failed

Hello, thanks for providing the hint -- I will add a note to the issue tracker. Cheers, Daniel On 13/08/16 06:08, Hai Bui Duc Ha wrote: > Hi all, > > I found the solution for this issue, just downgrade version libssl-dev > to 1.0.2d. > Ref: https://github.com/kamailio/kamailio/issues/714 > > Re

Re: [SR-Users] kamailio TLS mod_register failed

Hi all, I have the same problem when update my libssl-dev to 1.0.2h. Do we have any solution ? I'm running Ubuntu 14.04 sever Regards, Hai Bui On Fri, Jun 17, 2016 at 6:59 PM, Daniel-Constantin Mierla wrote: > Is any chance that I get access to the system to do some tests myself? It > looks li

Re: [SR-Users] kamailio TLS mod_register failed

Hi all, I found the solution for this issue, just downgrade version libssl-dev to 1.0.2d. Ref: https://github.com/kamailio/kamailio/issues/714 Regards, Hai Bui On Fri, Aug 12, 2016 at 7:01 PM, Hai Bui Duc Ha wrote: > Hi all, > > I have the same problem when update my libssl-dev to 1.0.2h. > Do

Re: [SR-Users] Kamailio+tls not working with Ubuntu 16.04

I have no experience in ssl coding and not deep know algorithms for working with it. I will try to make something but i suppose it will be longe than whait you. Anyway i will try by my side, and let you know if will do it. But if you will have time - will be great if you start to do it because i su

Re: [SR-Users] Kamailio+tls not working with Ubuntu 16.04

Hello, the plan was to dig more in the libssl, because it seems to have the memory/locking management functions already set. But with IETF and traveling, I didn't have any time for it. Maybe you can make a very simple c program linking to libssl that just prints the memory functions as done by th

Re: [SR-Users] Kamailio+tls not working with Ubuntu 16.04

I also checked archive SR-users.list and found question about same staff. I installed kamailio from master branch on ubuntu 16.04 with small changes at tls module. It gives same error but more clear result. (tested with default kamailio file - moved tls.so before ALL modules) 0(27545) ERROR: tls

[SR-Users] Kamailio+tls not working with Ubuntu 16.04

Just asking about any progress of this staff THere is a bug descried at the ubuntu bug tracker https://bugs.launchpad.net/ubuntu/+source/kamailio/+bug/1591992 There is bug that i wrote at the kamailio bug tracker https://github.com/kamailio/kamailio/issues/714 Closed it because It is not trouble

Re: [SR-Users] kamailio TLS mod_register failed

Is any chance that I get access to the system to do some tests myself? It looks like something specific for your system, running tls fine in many servers... Cheers, Daniel On 15/06/16 16:16, wanmon wrote: > exactly the same error! > > just disabling "#!define WITH_TLS" and start immediately with

Re: [SR-Users] kamailio TLS mod_register failed

exactly the same error! just disabling "#!define WITH_TLS" and start immediately with "kamailio -m 64" or "kamctl start" may help re-compile openssl from scratch (i installed from .rpm)? any specific version? openssl-1.0? openssl-0.98? Regards, On 14 June 2016 16:03:30 CEST, Daniel-Const

Re: [SR-Users] kamailio TLS mod_register failed

Hello, are you providing -m command line parameter? If not, can you try adding it (e.g., -m 64) to the command starting kamailio, like: kamailio -m 64 ... Using kamctl is not really recommended to start kamailio. Cheers, Daniel On 14/06/16 13:21, wanmon wanmon wrote: > > kamctl start > ERROR

Re: [SR-Users] kamailio TLS mod_register failed

  kamctl start ERROR: PID file /var/run/kamailio.pid does not exist -- Kamailio start failed   2016-06-14T13:29:39.269439+02:00 host kamailio: DEBUG: [cfg.y:1619]: yyparse(): loading modules under /usr/local/lib64/kamailio/modules/ 2016-06-14T13:29:39.270075+02:00 host kamailio: DEBUG: [cfg

Re: [SR-Users] kamailio TLS mod_register failed

loadmodule "presence.so" > loadmodule "presence_xml.so" > loadmodule "nathelper.so" > loadmodule "rtpproxy.so" > loadmodule "htable.so" > loadmodule "pike.so" > loadmodule "xmlrpc.so" > loadmodule "deb

Re: [SR-Users] kamailio TLS mod_register failed

;rtpproxy.so" loadmodule "htable.so" loadmodule "pike.so" loadmodule "xmlrpc.so" loadmodule "debugger.so"     (...) #!define WITH_TLS #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_ALIASDB #!define WITH_NAT #!define WITH_USRLOCDB (...

Re: [SR-Users] kamailio TLS mod_register failed

ial.so" > loadmodule "domain.so" > loadmodule "presence.so" > loadmodule "presence_xml.so" > loadmodule "nathelper.so" > loadmodule "rtpproxy.so" > loadmodule "tls.so" > loadmodule "htable.so" &

Re: [SR-Users] kamailio TLS mod_register failed

" loadmodule "alias_db.so" loadmodule "speeddial.so" loadmodule "domain.so" loadmodule "presence.so" loadmodule "presence_xml.so" loadmodule "nathelper.so" loadmodule "rtpproxy.so" loadmodule "tls.so" loadmodule "ht

Re: [SR-Users] kamailio TLS mod_register failed

t; Betreff: Re: [SR-Users] kamailio TLS mod_register failed Hello, can you paste the list of laodmodule lines you have in the kamailio.cfg? Cheers, Daniel   On 13/06/16 11:07, wanmon wanmon wrote: Hi,   i got the follow error when i try to start Kamailio with "TLS" enabled (#!defin

Re: [SR-Users] kamailio TLS mod_register failed

Hello, can you paste the list of laodmodule lines you have in the kamailio.cfg? Cheers, Daniel On 13/06/16 11:07, wanmon wanmon wrote: > Hi, > > i got the follow error when i try to start Kamailio with "TLS" enabled > (#!define WITH_TLS): > > *2016-06-13T11:11:41.316540+02:00 host kamailio:

[SR-Users] kamailio TLS mod_register failed

Hi,   i got the follow error when i try to start Kamailio with "TLS" enabled (#!define WITH_TLS):   2016-06-13T11:11:41.316540+02:00 host kamailio: ERROR: tls [tls_init.c:490]: tls_pre_init(): Unable to set the memory allocation functions 2016-06-13T11:11:41.316918+02:00 host kamailio: ERROR:

Re: [SR-Users] Kamailio TLS and SIP-Package building

<mailto:sr-users@lists.sip-router.org> Subject: [SR-Users] Kamailio TLS and SIP-Package building Good afternoon all, I have two questions regarding my configs: kamailio.cfg<http://pastebin.com/32PCh8n0> tls.cfg<http://pastebin.com/gnWZeD9e> . I am using Kamailio 4.3.5 on C

Re: [SR-Users] Kamailio TLS and SIP-Package building

I'd think you'd also need to enable TCP in order to use TLS. You explicitly disable TCP. From: sr-users [mailto:sr-users-boun...@lists.sip-router.org] On Behalf Of Nagorny, Dimitry Sent: 13 April 2016 14:56 To: sr-users@lists.sip-router.org Subject: [SR-Users] Kamailio TLS and S

[SR-Users] Kamailio TLS and SIP-Package building

Good afternoon all, I have two questions regarding my configs: kamailio.cfg tls.cfg . I am using Kamailio 4.3.5 on Cent OS 7.2 and all relevant pakage up-to-date. 1.)When I try to start Kamailio I get the following warning: WARN

Re: [SR-Users] Kamailio TLS

Send the text of the error message from syslog, otherwise is obviously not easy to guess and help. Cheers, Daniel On 11/02/16 18:50, Kanon488 wrote: > I have an error when i put the sentence #!define WITH_TLS, when i restart my > kamailio i have an error, i already add to modules.tls the modules

Re: [SR-Users] Kamailio TLS

I have an error when i put the sentence #!define WITH_TLS, when i restart my kamailio i have an error, i already add to modules.tls the modules like mysql, and websockets. If you have some idea that what is the problem, please tell me -- View this message in context: http://sip-router.1086192.

Re: [SR-Users] Kamailio TLS handshake fails above 6500 TLS connections

Hello, first, look at doc/tcp_tunning.txt in the source code tree to get some hints on scaling the capacity for tcp (under-layer for tls). Then, tls handshaking failure can happen from various reasons, you can run kamailio with debug=3 in config and see more details about what is happening when t

Re: [SR-Users] Kamailio TLS configuration

Alexandru Covalschi writes: > Can you please specify how to include multiple certs into ca list? on debian: cat /etc/ss/certs/* > ca_list -- juha ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.or

Re: [SR-Users] Kamailio TLS configuration

Alexandru Covalschi writes: > Any way of specifiying all popular certification centers it default calist? > Shouldn't it use those which already exist in the system? > (/etc/ssl/...) I once tried to include all that are in /etc/ssl/certs/. If I remember correctly, Kamailio used lots of memory an

Re: [SR-Users] Kamailio TLS configuration

When your server contacts the public server, your server acts as a tls client. So you may need to copy the server section settings (at least the calist) into the client section of tls.cfg. Sent from my iPhone > On Aug 28, 2015, at 12:01 PM, Alexandru Covalschi <568...@gmail.com> wrote: > > Hel

Re: [SR-Users] Kamailio TLS configuration

And server is under Amazon EC2, but that shouldn't really make any sense 2015-08-29 0:11 GMT+03:00 Alexandru Covalschi <568...@gmail.com>: > Forgot to add > cat /etc/issue > Debian GNU/Linux 8 \n \l > > > kamailio -V > version: kamailio 4.3.1 (x86_64/linux) > flags: STATS: Off, USE_TCP, USE_TLS,

Re: [SR-Users] Kamailio TLS configuration

Forgot to add cat /etc/issue Debian GNU/Linux 8 \n \l kamailio -V version: kamailio 4.3.1 (x86_64/linux) flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, DBG_F_MALLOC, USE_FUTEX, FAST_LOCK-ADAP

[SR-Users] Kamailio TLS configuration

Hello! I'm having problems with Kamailio configuration with TLS. Or, maybe, that's my misunderstanding about how it should work. So, the issue - inbound TLS works just great, I can call everyone in my domain. I have PositiveSSL certificate, so I have such files: calist.crt AddTrustExternalCARoot.

[SR-Users] Kamailio TLS handshake fails above 6500 TLS connections

Hi All, We are trying to make 1 tls connection with Kamailio server for SIP signaling.When I try beyond 6500 TLS connection then TLS handshake is failing.We are running the kamailio by using below command - kamailio -f kamailio.cfg -N 40 -m 1024 -M 16 NOTE: In kamailio.cfg, we have menti

Re: [SR-Users] Kamailio + TLS

Thanks a lot. -- View this message in context: http://sip-router.1086192.n5.nabble.com/Kamailio-TLS-tp126046p126053.html Sent from the Users mailing list archive at Nabble.com. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing l

Re: [SR-Users] Kamailio + TLS

The logs show access issue to the certificate file: Mar 13 11:35:27 server /usr/sbin/kamailio[3827]: ERROR: tls [tls_domain.c:417]: load_cert(): TLSs: Unable to load certificate file '/etc/certs/demoCA/ps.sip.uniza.sk/cert.pem' Mar 13 11:35:27 server /usr/sbin/kamailio[3827]: ERROR: tls [tls_d

Re: [SR-Users] Kamailio + TLS

Ok. But, in this directory /etc/certs/demoCA/ps.sip.uniza.sk/cert.pem have certificate and everyone can read him. I used this tutorial Whats wrong. Thanks for helping me. -- View this message in context: h

Re: [SR-Users] Kamailio + TLS

Adrian writes: > Yes, but i dont understand. It's something with tls module? read again: Mar 13 11:35:27 server /usr/sbin/kamailio[3827]: ERROR: tls [tls_domain.c:417]: load_cert(): TLSs: Unable to load certificate file '/etc/certs/demoCA/ps.sip.uniza.sk/cert.pem' -- juha ___

Re: [SR-Users] Kamailio + TLS

Yes, but i dont understand. It's something with tls module? -- View this message in context: http://sip-router.1086192.n5.nabble.com/Kamailio-TLS-tp126046p126049.html Sent from the Users mailing list archive at Nabble.com. ___ SIP Express Router (SER

[SR-Users] Kamailio + TLS

Adrian writes: > Hi. I have configured Kamailio with Websockets. I want to add TLS. I > generated certifikates with openssl and configured tls.cfg. But when i try > to run kamailio, it gives me error, failed to start. > This my syslog . Can anybody help me > please?

[SR-Users] Kamailio + TLS

Hi. I have configured Kamailio with Websockets. I want to add TLS. I generated certifikates with openssl and configured tls.cfg. But when i try to run kamailio, it gives me error, failed to start. This my syslog . Can anybody help me please? Thanks. -- View this

Re: [SR-Users] Kamailio TLS

On 05.07.2013 16:50, Kethzer Docteur wrote: Im trying to enable Kamailio TLS but the configuration is not running at all when I cahnge it liike this as follow. "please help me, my car does not work" If you want us to help you, you have to provide detailed error reports. Take a look at the l

[SR-Users] Kamailio TLS

Im trying to enable Kamailio TLS but the configuration is not running at all when I cahnge it liike this as follow. Kamailio 3.3 ubuntu 12.04 LTS #!define WITH_TLS #!ifdef WITH_TLS enable_tls=yes #!endif #!ifdef WITH_TLS loadmodule "tls.so" #!endif #!ifdef WITH_TLS # - tls params - modp

Re: [SR-Users] Kamailio TLS setup and certificate

On Saturday 29 December 2012 09:48:35 Burak ÖZTÜRK wrote: > I want to enable kamailio's tls support. I fallowed instructions from this > link : http://www.kamailio.org/dokuwiki/doku.php/tls:create-certificates If you just followed this article, my guess is that you have user/group permission pro

[SR-Users] Kamailio TLS setup and certificate

Hi, I m a new kamailio user. Kamailio version is 3.3. I want to enable kamailio's tls support. I fallowed instructions from this link :  http://www.kamailio.org/dokuwiki/doku.php/tls:create-certificates And I also enabled tls module in the kamailio.cfg file. (definig WITH_TLS and adding listen=t

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

Hello, On 1/29/12 2:53 PM, Daniel Pocock wrote: Construct the PEM file in this exact order: cat server.example.com.pem> chain-server.example.com.pem cat inter2.pem>> chain-server.example.com.pem cat inter1.pem>> chain-server.example.com.pem and then, in tls.cfg: certificate=chain-server.ex

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

>> I notice that Asterisk needs to be patched to do it the way Kamailio does: >> >> https://issues.asterisk.org/jira/browse/ASTERISK-17727 > > The Asterisk TCP/TLS implementation is marked experimental for a reason. And > it's been that way for many years. All the more reason for people to use

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

29 jan 2012 kl. 22:27 skrev Daniel Pocock: > > > On 29/01/12 21:47, Iñaki Baz Castillo wrote: >> 2012/1/29 Daniel Pocock : >>> It's a little bit different in Apache, where the user specifies a file >>> containing intermediate certs - many of the CAs give instructions for >>> adding that file in

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

On 29/01/12 21:47, Iñaki Baz Castillo wrote: > 2012/1/29 Daniel Pocock : >> It's a little bit different in Apache, where the user specifies a file >> containing intermediate certs - many of the CAs give instructions for >> adding that file in Apache, but they make no mention of >> OpenSSL/Kamaili

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

2012/1/29 Daniel Pocock : > It's a little bit different in Apache, where the user specifies a file > containing intermediate certs - many of the CAs give instructions for > adding that file in Apache, but they make no mention of > OpenSSL/Kamailio/concatenating everything, so I imagine people will

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

>> Construct the PEM file in this exact order: >> >> cat server.example.com.pem > chain-server.example.com.pem >> cat inter2.pem >> chain-server.example.com.pem >> cat inter1.pem >> chain-server.example.com.pem >> >> and then, in tls.cfg: >> >> certificate=chain-server.example.com.pem >> > > This

Re: [SR-Users] Kamailio TLS with intermediate CA certificates

29 jan 2012 kl. 13:11 skrev Daniel Pocock: > > > I found that my TLS client was not happy because my server cert is > signed by an intermediate root. > > A quick search in Google found other people mentioning the same problem, > but no solution or documentation. > > I've had a quick look in t

[SR-Users] Kamailio TLS with intermediate CA certificates

I found that my TLS client was not happy because my server cert is signed by an intermediate root. A quick search in Google found other people mentioning the same problem, but no solution or documentation. I've had a quick look in the Kamailio source and I notice it is using the call: