Hello, On 25/06/15 15:06, Austin Einter wrote: > Hi All > I am having a sip client, I am using GNU tls for transport layer security. > > I am using Kamailio (TLS enabled) to test all the functionalities. > > I did registration over TLS. It was fine. > > I tried to make call. > I was able to send INVITE. > Kamaiio trying to connect to called party (which is again my sip > endpoint). > That time certificate verification failed. > > > _*Error log*_ > /* 8(14180) ERROR: tls [tls_server.c:1193]: tls_read_f(): TLS > write:error:14090086:SSL > routines:ssl3_get_server_certificate:certificate verify failed > 8(14180) ERROR: <core> [tcp_read.c:1326]: tcp_read_req(): ERROR: > tcp_read_req: error reading > 8(14180) DEBUG: <core> [tcp_read.c:1481]: release_tcpconn(): > releasing con 0x7f962f6b6db8, state -2, fd=5, id=3*/ > > How do I debug and fix this issue. > > Can somebody help me out. you can disable certificate verification in the tls.cfg inside the [client:default] section.
Otherwise, the CA list must include the certificate of the CA that signed the certificate of the client. Cheers, Daniel -- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Book: SIP Routing With Kamailio - http://www.asipto.com
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
