[VOIPSEC] minisip TLS connect server cert problem

Pjothi pjothi at gmail.com
Wed Feb 8 09:27:54 CST 2006 

Sorry about the deluge of emails. I am happy atleast to let people
know that all is not well with minisip-openser tls interconnection,
atleast for a beginner to get it running.So experts can get cautious
when trying to do it now or in the future.

I thank everyone for their time,

regards,
Pjothi

>
> On 2/8/06, Cesc <cesc.santa at gmail.com> wrote:
> > I really don't mean to be rude, but you asked the same question over
> > and over, and noone replies for a reason: probably no one has the time
> > to figure it out ... at least i don't.
> >
> > A suggestion, though. Read the code, find where it fails, try to
> > understand TLS and how it works ... you may have a conceptual error
> > ... or not (minisip has bugs, as any other piece of software).
> >
> > Regards,
> >
> > Cesc
> >
> > On 2/8/06, Pjothi <pjothi at gmail.com> wrote:
> > > Hello all,
> > >
> > > I am trying to connect minisip with OpenSER in TLS mode. I created my own
> > > rootCA and created certificates for OpenSER signed by rootCA-certificate.
> > >
> > > Now, I have the following
> > >
> > > rootCA-certificate
> > >
> > > the following certificates signed by rootCA-certificate:
> > >
> > > server-certificate
> > > server-ca list
> > > and also server private key.
> > >
> > > I added in the CA database - rootCA-cert.pem and try registering with
> > > OpenSER, I get the following error:
> > > ___________________________________________________________________
> > > Registering user user4 at 192.168.0.4 to proxy 192.168.0.4, requesting
> > > domain 192.168.0.4
> > >
> > > SipMessageTransport: sendMessage: creating new socket
> > > Creating new SSL_CTX
> > > SSL connect: Protocol Error.
> > > 7875:error:14090086:SSL
> > > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
> > > failed:s3_clnt.c:844:
> > > Could not get server certificate
> > > SipMessageTransport: sendMessage: exception thrown!
> > > SipMessageTransport: sendMessage: exception thrown!
> > > SipMessageTransport: sendMessage: exception thrown!
> > > ____________________________________________________________________
> > >
> > > Does this mean, the client is not able to get the server certificate
> > > or its not able to verify the server certificate, bcos I see both.
> > >
> > > How to properly configure the certificate settings in minisip client
> > > side. I do not need any client authentication to be done, so I dont
> > > worry about client certificates here.
> > >
> > > Any small suggestion/help would go a long way and I am trying with
> > > this for a very long time. I appreciate all your time and help.
> > >
> > > thanks and regards,
> > > Pjothi
> > > _______________________________________________
> > > Minisip-users mailing list
> > > Minisip-users at minisip.org
> > > http://lists.minisip.org/mailman/listinfo/minisip-users
> > >
> >
>

More information about the Voipsec mailing list