<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
if you run latest versions of web browsers, they become more
restrictive on wss connection. Be sure that the cetificate is also
trusted by the web browser.<br>
<br>
You can go with the web browser to https://ipofkamailio:portforwss
and see if you get any warnings there.<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<div class="moz-cite-prefix">On 06/09/14 17:23, Manuel Camarg wrote:<br>
</div>
<blockquote
cite="mid:CAMjEs7Spm09ORJ6dyvbwWXWUxp+Wb082bVz01a3VRRmj8xmdDw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>I'm trying to implement WSS with Kamailio</div>
<div>Thing is that WS works fine, I've followed:</div>
<div><a moz-do-not-send="true"
href="http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket">http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket</a><br>
</div>
<div><br>
</div>
<div>modparam("tls", "config", "webrtc/tls.cfg")<br>
</div>
<div>In a tls.cfg file I have :</div>
<div><br>
</div>
<div>
<div>[server:default]</div>
<div>method = SSLv23</div>
<div>verify_certificate = no<br>
</div>
<div>require_certificate = no</div>
<div>private_key = webrtc/private.key<br>
</div>
<div>certificate = webrtc/ssl.pem</div>
<div>ca_list = webrtc/ca_list.pem<br>
</div>
</div>
<div><br>
</div>
<div>In the log file:</div>
<div><br>
</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_server.c:178]: tls_complete_init(): Using TLS domain
TLSs<default></div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_domain.c:700]: sr_ssl_ctx_info_callback(): SSL handshake
started</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending...</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real
write: c= 0x7f7513516958 n=5524 fd=11</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_main.c:2591]: tcpconn_do_send(): tcp_send:
buf=#012#026#003#003</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x8e0040,
11, 2, 0x7f7513516958), fd_no=1</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_domain.c:712]: sr_ssl_ctx_info_callback(): SSL handshake
done</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL disable
renegotiation</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_server.c:348]: tls_accept(): TLS accept successful</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_server.c:355]: tls_accept(): tls_accept: new connection
from <a moz-do-not-send="true"
href="http://123.123.123.123:63300">123.123.123.123:63300</a>
using TLSv1/SSLv3 AES256-SHA 256</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_server.c:358]: tls_accept(): tls_accept: local socket: <a
moz-do-not-send="true" href="http://124.124.124.124:10443">124.124.124.124:10443</a></div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: tls
[tls_server.c:369]: tls_accept(): tls_accept: client did not
present a certificate</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sending...</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after real
write: c= 0x7f7513516958 n=282 fd=11</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_main.c:2591]: tcpconn_do_send(): tcp_send:
buf=#012#026#003#003</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_read.c:296]: tcp_read_data(): EOF on 0x7f7513516958, FD
11</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0x8e0040,
11, -1, 0x10) fd_no=2 called</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_read.c:1437]: release_tcpconn(): releasing con
0x7f7513516958, state -1, fd=11, id=2</div>
<div>/usr/local/sbin/kamailio[4025]: DEBUG: <core>
[tcp_read.c:1438]: release_tcpconn(): extra_data
0x7f7513510a88</div>
<div>/usr/local/sbin/kamailio[4029]: DEBUG: <core>
[tcp_main.c:3385]: handle_tcp_child(): handle_tcp_child:
reader response= 7f7513516958, -1 from 1</div>
<div>/usr/local/sbin/kamailio[4029]: DEBUG: tls
[tls_server.c:597]: tls_h_close(): Closing SSL connection
0x7f7513510a88</div>
<div><br>
</div>
<div>In sipml5 the error:</div>
<div><br>
</div>
<div><i style="color:rgb(51,51,51);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:13px;line-height:18px;text-align:center;background-color:rgb(245,245,245)">Disconnected: <b>Failed
to connect to the server</b></i></div>
<div><br>
</div>
<div>In the Chrome console:<br>
</div>
<div><br>
</div>
<div><i
style="text-align:center;background-color:rgb(245,245,245)"><b
style=""><font face="Helvetica Neue, Helvetica, Arial,
sans-serif" color="#333333"><span
style="line-height:18px">__tsip_transport_ws_onerror </span></font><br>
</b></i></div>
<div><i
style="text-align:center;background-color:rgb(245,245,245)"><b
style=""><font face="Helvetica Neue, Helvetica, Arial,
sans-serif" color="#333333"><span
style="line-height:18px">__tsip_transport_ws_onclose </span></font></b></i></div>
<div><i
style="text-align:center;background-color:rgb(245,245,245)"><b
style=""><font face="Helvetica Neue, Helvetica, Arial,
sans-serif" color="#333333"><span
style="line-height:18px"><br>
</span></font></b></i></div>
<div>SSL certificates seem to be ok:</div>
<div>
<div># openssl verify -CAfile ca_list.pem ssl.pem</div>
<div>ssl.pem: OK</div>
</div>
<div><br>
</div>
<div>Can't figure out a solution :( Any ideas?<br>
</div>
<div>
<div dir="ltr"><br>
<div><b><font face="verdana, sans-serif" size="4">Manuel
Camargo</font></b></div>
<div><font face="verdana, sans-serif">Teléfono: 638000836<br>
eMail: <a moz-do-not-send="true"
href="mailto:sir.louen@gmail.com" target="_blank">sir.louen@gmail.com</a></font></div>
<div><br>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>
<a class="moz-txt-link-freetext" href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a>
Next Kamailio Advanced Trainings 2014 - <a class="moz-txt-link-freetext" href="http://www.asipto.com">http://www.asipto.com</a>
Sep 22-25, Berlin, Germany</pre>
</body>
</html>