<div dir="ltr">Hello Daniel, <div><br></div><div>I am using this ..</div><div><pre style="color:rgb(255,255,255);font-family:Menlo;font-size:9pt;background-color:rgb(0,34,64)">loadmodule <span style="color:rgb(58,217,0);font-weight:bold">"tls.so"<br></span>modparam(<span style="color:rgb(58,217,0);font-weight:bold">"tls"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"tls_method"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"TLSv1"</span>)<br>modparam(<span style="color:rgb(58,217,0);font-weight:bold">"tls"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"certificate"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"/usr/local/kamailio/etc/kamailio/cc_kamailio/my_cert.net.crt"</span>)<br>modparam(<span style="color:rgb(58,217,0);font-weight:bold">"tls"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"private_key"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"/usr/local/kamailio/etc/kamailio/cc_kamailio/my_key.net.key"</span>)<br>modparam(<span style="color:rgb(58,217,0);font-weight:bold">"tls"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"verify_certificate"</span>, <span style="color:rgb(255,98,140)">0</span>)<br>modparam(<span style="color:rgb(58,217,0);font-weight:bold">"tls"</span>, <span style="color:rgb(58,217,0);font-weight:bold">"require_certificate"</span>, <span style="color:rgb(255,98,140)">0</span>)</pre></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr">Thanking You,<br>Sunil More<br>Ph : 9503338275</div></div></div>
<br><div class="gmail_quote">On Mon, May 9, 2016 at 5:32 PM, Daniel-Constantin Mierla <span dir="ltr"><<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p>Hello,</p>
<p>look at your tls.cfg file (or modparams for tls module) and
change the setting for requiring tls certificate for clients.<br>
</p>
Cheers,<br>
Daniel<div><div class="h5"><br>
<br>
<div>On 09/05/16 13:44, Sunil More wrote:<br>
</div>
</div></div><blockquote type="cite"><div><div class="h5">
<div dir="ltr">Hello All,
<div><br>
</div>
<div>I am trying to connect Kamailio over WSS and the error I
get is "tls_accept: client did not present a certificate" . It
works fine for WS, however Please guide me to connect over
WSS.</div>
<div><br>
</div>
<div>the following are the logs i See..</div>
<div><br>
</div>
<div>
<p><span>DEBUG: tls [tls_domain.c:703]:
sr_ssl_ctx_info_callback(): SSL handshake started</span></p>
<p><span>
</span></p>
<p><span>DEBUG: <core>
[tcp_main.c:2430]: tcpconn_do_send(): sending...</span></p>
<p><span>ay 9 11:07:01 P172
/usr/local/kamailio/sbin/kamailio[32025]: DEBUG: tls
[tls_domain.c:715]: sr_ssl_ctx_info_callback(): SSL
handshake done</span></p>
<p><span>May 9 11:07:01 P172
/usr/local/kamailio/sbin/kamailio[32025]: DEBUG: tls
[tls_domain.c:718]: sr_ssl_ctx_info_callback(): SSL
disable renegotiation</span></p>
<p><span>May 9 11:07:01 P172
/usr/local/kamailio/sbin/kamailio[32025]: DEBUG: tls
[tls_server.c:411]: tls_accept(): TLS accept successful</span></p>
<p><span>May 9 11:07:01 P172
/usr/local/kamailio/sbin/kamailio[32025]: DEBUG: tls
[tls_server.c:418]: tls_accept(): tls_accept: new
connection from <a href="http://sunilmore.in:49703" target="_blank">sunilmore.in:49703</a>
using TLSv1/SSLv3 AES256-SHA 256</span></p>
<p><span>May 9 11:07:01 P172
/usr/local/kamailio/sbin/kamailio[32025]: DEBUG: tls
[tls_server.c:421]: tls_accept(): tls_accept: local
socket:<a href="http://sunilmore.in:10082" target="_blank">sunilmore.in:10082</a></span></p>
<p>
</p>
<p><span>May 9 11:07:01 P172
/usr/local/kamailio/sbin/kamailio[32025]: DEBUG: tls
[tls_server.c:432]: tls_accept(): tls_accept: client did
not present a certificate</span></p>
<p><span>And the websocket closes. Please
help.</span></p>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<div>
<div dir="ltr">Thanking You,<br>
Sunil More<br>
Ph : 9503338275</div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<a href="mailto:sr-users@lists.sip-router.org" target="_blank">sr-users@lists.sip-router.org</a>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><span class="HOEnZb"><font color="#888888">
</font></span></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<pre cols="72">--
Daniel-Constantin Mierla
<a href="http://www.asipto.com" target="_blank">http://www.asipto.com</a>
<a href="http://twitter.com/#!/miconda" target="_blank">http://twitter.com/#!/miconda</a> - <a href="http://www.linkedin.com/in/miconda" target="_blank">http://www.linkedin.com/in/miconda</a>
Kamailio World Conference, Berlin, May 18-20, 2016 - <a href="http://www.kamailioworld.com" target="_blank">http://www.kamailioworld.com</a></pre>
</font></span></div>
<br>_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>
<a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
<br></blockquote></div><br></div></div>