Re: [SR-Users] please help to register sip phone to kamailio server via tls support.

Mon, 06 Sep 2010 02:19:19 -0700 


> Date: Mon, 6 Sep 2010 10:26:38 +0200
> From: klaus.mailingli...@pernau.at
> To: betergr...@live.com
> CC: sr-users@lists.sip-router.org
> Subject: Re: [SR-Users] please help to register sip phone to kamailio server 
> via tls support.
> 
> > log in :tail -f /var/log/message:
> >
> > Sep 4 05:18:50 appliance /usr/local/sbin/kamailio[3117]: ERROR: tls
> > [tls_server.c:392]: SSL error:error:14094418:SSL
> > routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> >
> > in portgo : certificate validation failure.
> 
> It is rather clear - your SIP client does not accept the proxy's 
> certificate and thus terminates the TLS handshake with an "unknown ca" 
> error.
> 
> You have to configure your SIP client to accept the CA which has signed 
> the proxy's certificate.
> 
> regards
> klaus

Dear Klaus,

i have the same problem when add user-privkey.pem in SIP client, I use 3CX  
soft phone.

when i run command : kamctl tls userCERT user

openssl creates three file.

INFO: Private key is locate at 
/usr/local/etc/kamailio//tls/user/user-privkey.pem
INFO: Certificate is locate at /usr/local/etc/kamailio//tls/user/user-cert.pem
INFO: CA-List is locate at /usr/local/etc/kamailio//tls/user/user-calist.pem

i copy user-privkey.pem to PC which have SIP client. after that i change the 
name to root_cert_3CXphone.pem to add to 3CX soft phone.
but problem is the same.

Sep  6 08:59:33 appliance /usr/local/sbin/kamailio[4442]: ERROR: tls 
[tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 
alert unknown ca
Sep  6 08:59:34 appliance /usr/local/sbin/kamailio[4437]: ERROR: tls 
[tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 
alert unknown ca
Sep  6 08:59:34 appliance /usr/local/sbin/kamailio[4438]: ERROR: tls 
[tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 
alert unknown ca
Sep  6 08:59:34 appliance /usr/local/sbin/kamailio[4440]: ERROR: tls 
[tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 
alert unknown ca
Sep  6 08:59:34 appliance /usr/local/sbin/kamailio[4442]: ERROR: tls 
[tls_server.c:392]: SSL error:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 
alert unknown ca


please tell me, if you know 
thanks so much.
Peter Green

                                          
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

Reply via email to