< Previous by Date	Date Index	Next by Date >
< Previous in Thread	Thread Index	Next in Thread >

Re: [reSIProcate-users] TLS help

From: Lakshmi Narayanan <vln.lakshminarayanan@xxxxxxxxx>
Date: Tue, 21 Apr 2009 12:34:41 +0530

Thanks Scott, Is this because of the "target domain=unspecified " from the server?

since when the initial register was sent the logs shows

Creating TLS connection for domain puresearch.xxxxxxx.com [ V4 148.147.172.163:5061 TLS target domain=purses52.puresearch.xxxxx.com mFlowKey=0 ] on 728
and when we get a call we get

[ V4 148.147.172.163:43807 TLS target domain=unspecified mFlowKey=0 ] as fd=2284

The Server machine is not in any domain as such, we have changed the hosts file in the drivers\etc for the domain name to be resolved.

Is this normal for the other end to form a TLS connection back to the B2B?

I see the following code in the TcpBaseTransport.cxx

DebugLog (<< "Received TCP connection from: " << tuple << " as fd=" << sock);

      if(!mConnectionManager.findConnection(tuple))
      {
         createConnection(tuple, sock, true);
      }
      else
      {
         InfoLog(<<"Someone probably sent a reciprocal SYN at us.");
         // ?bwc? Can we call this right after calling accept()?
         closeSocket(sock);
      }
   }

I understand that the findconnection is not able to find the tuble in the list and hence trying for a new connection, so my question is.. is the normay way it works?

Thanks,

V.Lakshmi Narayanan

On Mon, Apr 20, 2009 at 11:07 PM, Scott Godin <sgodin@xxxxxxxxxxxxxxx> wrote:

From the logs it looks like the other end is trying to form a TLS connection back to your B2B. In this case you are acting as the TLS server and you must install a domain certificate to provide to the TLS client, and it's corresponding private key.

Scott

On Mon, Apr 20, 2009 at 11:59 AM, Lakshmi Narayanan <vln.lakshminarayanan@xxxxxxxxx> wrote:

Hi,

We are using resiprocate 1.4 , we are able to succesfully register our B2B with our register server and the TLS connection is up. but when we send a call to the B2B we get an the following error

We have the certificate root_cert_purses52.xxxxxxx.com.pem in our client directory

![2009-04-20 15:13:39.473] <948:SipSwitch> [TcpBaseTransport.cxx@110]
<<RESIP:TRANSPORT-DEBUG>> Received TCP connection from: [ V4 148.147.172.163:43807 TLS target domain=unspecified mFlowKey=0 ] as fd=2284
![2009-04-20 15:13:39.473] <948:SipSwitch> [ConnectionManager.cxx@77]
<<RESIP:TRANSPORT-DEBUG>> Could not find a connection for [ V4 148.147.172.163:43807 TLS target domain=unspecified mFlowKey=0 ]
![2009-04-20 15:13:39.473] <948:SipSwitch> [ConnectionBase.cxx@49]
<<RESIP:TRANSPORT-DEBUG>> ConnectionBase::ConnectionBase, who: [ V4 148.147.172.163:43807 TLS target domain=unspecified mFlowKey=0 ] 0134CE88
![2009-04-20 15:13:39.473] <948:SipSwitch> [ConnectionBase.cxx@62]
<<RESIP:TRANSPORT-DEBUG>> No compression library available: 0134CE88
![2009-04-20 15:13:39.473] <948:SipSwitch> [TlsConnection.cxx@41]
<<RESIP:TRANSPORT-INFO>> Creating TLS connection for domain puresearch.XXXXXXX.com [ V4 148.147.172.163:43807 TLS target domain=unspecified mFlowKey=0 ] on 2284
![2009-04-20 15:13:39.473] <948:SipSwitch> [TlsConnection.cxx@48]
<<RESIP:TRANSPORT-DEBUG>> Trying to form TLS connection - acting as server
![2009-04-20 15:13:39.473] <948:SipSwitch> [TlsConnection.cxx@104]
<<RESIP:TRANSPORT-ERROR>> Don't have private key for domain puresearch.xxxxxxx.com
![2009-04-20 15:13:39.473] <948:SipSwitch> [BaseException.cxx@17]
<<RESIP-DEBUG>> BaseException at .\ssl\TlsConnection.cxx:106 getDomainKey failed.
![2009-04-20 15:13:39.473] <948:SipSwitch> [ConnectionBase.cxx@89]
<<RESIP:TRANSPORT-DEBUG>> ConnectionBase::~ConnectionBase 0134CE88
![2009-04-20 15:13:39.473] <948:SipSwitch> [TransportSelector.cxx@260]
<<RESIP:TRANSPORT-ERROR>> Exception thrown from Transport::process: SecurityException getDomainKey failed. @ .\ssl\TlsConnection.cxx:106
![2009-04-20 15:13:39.473] <948:SipSwitch> [TuSelector.cxx@85]
<<RESIP:TRANSACTION-INFO>> Sending ConnectionTerminated [ V4 148.147.172.163:43807 TLS target domain=unspecified mFlowKey=2284 ] to TUs
![2009-04-20 15:13:39.473] <7352:SipSwitch> [DialogUsageManager.cxx@1195]
<<RESIP:DUM-DEBUG>> connection terminated message

Do we need to have some more certificates in our client machine? if so what are the certificates we need?

Thanks,

V.Lakshmi Narayanan

_______________________________________________
resiprocate-users mailing list
resiprocate-users@xxxxxxxxxxxxxxx
List Archive: http://list.resiprocate.org/archive/resiprocate-users/

--
luxbaba

Follow-Ups:
- Re: [reSIProcate-users] TLS help
  - From: Scott Godin

References:
- [reSIProcate-users] TLS help
  - From: Lakshmi Narayanan
- Re: [reSIProcate-users] TLS help
  - From: Scott Godin

Prev by Date: Re: [reSIProcate-users] Please help, TLS not working on XP, urgrently
Next by Date: Re: [reSIProcate-users] TLS help
Previous by thread: Re: [reSIProcate-users] TLS help
Next by thread: Re: [reSIProcate-users] TLS help
Index(es):
- Date
- Thread