Dear All<br>While executing TLS enabled Kamailio proxy (3.1.5), getting below error.<br><br><i><b> 0(15895) INFO: tls [tls_domain.c:227]: TLSs<default>: verify_depth=9<br> 0(15895) ERROR: tls [tls_domain.c:393]: TLSs<default>: Unable to load certificate file './modules/tls/ser-selfsigned.pem'<br>
0(15895) ERROR: tls [tls_domain.c:394]: load_cert:error:02001002:system library:fopen:No such file or directory<br> 0(15895) ERROR: tls [tls_domain.c:394]: load_cert:error:20074002:BIO routines:FILE_CTRL:system lib<br> 0(15895) ERROR: tls [tls_domain.c:394]: load_cert:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib<br>
0(15895) ERROR: <core> [sr_module.c:832]: init_mod_child(): Error while initializing module tls (/usr/local/lib/kamailio/modules/tls.so)<br> 0(15895) ERROR: <core> [main.c:1532]: ERROR: main: error in init_child(PROC_INT) -- exiting<br>
0(15895) : <core> [mem/q_malloc.c:431]: BUG: qm_free: bad pointer (nil) (out of memory block!) - aborting<br> 0(15893) ERROR: <core> [daemonize.c:307]: Main process exited before writing to pipe<br></b></i><br>
<br>I performed below steps to compile and install.<br><br>1. I had a working Kamailio-3.1.5 code base without TLS<br>2. Downloaded latest openssl source code<br>3. Compiled and generated libssl.a and libcrypto.a<br>4. Next, I recompiled kamailio proxy, compilation did not go through. I had to modify Makefile in modules/tls module, added path for openssl/bio.h and path for libssl.a<br>
5. Then executed make all clean and make all include_modules=tls , this time compilation succeeded<br>6. Next I did make install<br>7. Generated certificates using openssl library that comes by default with ubuntu 10.04 lte<br>
8. Added below entries in kamailio.cfg<br><br><br>#!define WITH_TLS<br><br><br>#!ifdef WITH_TLS<br>loadmodule "tls.so"<br>modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")<br>
modparam("tls", "private_key", "/etc/certs/<a href="http://localb2bua.com/key.pem">localb2bua.com/key.pem</a>")<br>modparam("tls", "certificate", "/etc/certs/<a href="http://localb2bua.com/cert.pem">localb2bua.com/cert.pem</a>")<br>
modparam("tls", "ca_list", "/etc/certs/demoCA/cert.pem")<br>enable_tls=yes<br>#!endif<br><br>9. Then I tried running kamailio proxy<br>It complained not getting tls.so and tls.cfg<br>Copied these files from modules/tls to /usr/local/etc/kamailio/ path<br>
<br>10. Then I was able to run Kamailio proxy and got the errors pasted at top of email (<i><b> Unable to load certificate file './modules/tls/ser-selfsigned.pem')<br></b></i><br>Please guide me what should I do to avoid this error.<br>
<br>Thanks a lot.<br>-Kamal<br><br><i><b><br></b></i>