[asterisk-bugs] [JIRA] (ASTERISK-28762) Problem setting up ssl connection. Internal SSL error

Asterisk Team (JIRA) noreply at issues.asterisk.org
Fri Feb 28 10:00:26 CST 2020 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-28762?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=249862#comment-249862 ] 

Asterisk Team commented on ASTERISK-28762:
------------------------------------------

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

Please note that once your issue enters an open state it has been accepted. As Asterisk is an open source project there is no guarantee or timeframe on when your issue will be looked into. If you need expedient resolution you will need to find and pay a suitable developer. Asking for an update on your issue will not yield any progress on it and will not result in a response. All updates are posted to the issue when they occur.

> Problem setting up ssl connection. Internal SSL error
> -----------------------------------------------------
>
>                 Key: ASTERISK-28762
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28762
>             Project: Asterisk
>          Issue Type: Information Request
>      Security Level: None
>          Components: Core/HTTP
>    Affects Versions: 17.2.0
>         Environment: CentOS 6 with openssl 1.0.1e
> Asterisk 17.2.0 and WebRTC
> Client browser is Chrome 80.0.3987.87
>            Reporter: INVADE International Ltd.
>            Severity: Minor
>              Labels: webrtc
>
> From the forum entry:
> https://community.asterisk.org/t/problem-setting-up-ssl-connection-internal-ssl-error/82633
> Hi. We have a number systems using Asterisk 17 and WebRTC.
> On the systems that use self signed certificates, the following is logged by Asterisk every time a client registers:
> {quote}ERROR[10399] iostream.c: Problem setting up ssl connection: error:00000001:lib(0):func(0):reason(1), Internal SSL error
> ERROR[10399] tcptls.c: Unable to set up ssl connection with peer '192.168.122.1:53700'{quote}
> The errors do not appear to prevent the system from working.
> I’ve enabled debugging and, while there are some debug messages logged after the errors, there is nothing before.
> The errors are not logged on systems that use a certificate from a trusted CA.
> I’ve tested this using both a JsSIP and a sipML5 client, and the results are the same.
> I’m not sure if it helps but, below are the messages from the browser console:
> {quote}s_websocket_server_url= wss://192.168.122.143:8089/ws
> tsk_utils.js?svn=252:116 s_sip_outboundproxy_url=(null)
> tsk_utils.js?svn=252:116 b_rtcweb_breaker_enabled=yes
> tsk_utils.js?svn=252:116 b_click2call_enabled=no
> tsk_utils.js?svn=252:116 b_early_ims=yes
> tsk_utils.js?svn=252:116 b_enable_media_stream_cache=yes
> tsk_utils.js?svn=252:116 o_bandwidth={}
> tsk_utils.js?svn=252:116 o_video_size={}
> tsk_utils.js?svn=252:116 SIP stack start: proxy='ns313841.ovh.net:12062', realm='<sip:192.168.122.143>', impi='100', impu='"Simon"<sip:100 at 192.168.122.143>'
> tsk_utils.js?svn=252:116 Connecting to ' wss://192.168.122.143:8089/ws'
> tsk_utils.js?svn=252:116 ==stack event = starting
> tsk_utils.js?svn=252:116 __tsip_transport_ws_onopen
> tsk_utils.js?svn=252:116 ==stack event = started
> tsk_utils.js?svn=252:116 State machine: tsip_dialog_register_Started_2_InProgress_X_oRegister
> tsk_utils.js?svn=252:116 SEND: REGISTER sip:192.168.122.143 SIP/2.0
> Via: SIP/2.0/WSS df7jal23ls0d.invalid;branch=z9hG4bKyFqsoLUUFpedAcVEyZN4cBtFTu9Gt9G9;rport
> From: "Simon"<sip:100 at 192.168.122.143>;tag=kMuhaZy6Q0Wvw40VKeLZ
> To: "Simon"<sip:100 at 192.168.122.143>
> Contact: "Simon"<sips:100 at df7jal23ls0d.invalid;rtcweb-breaker=yes;transport=wss>;expires=200;click2call=no;+g.oma.sip-im;+audio;language="en,fr"
> Call-ID: ffac53bd-a6b2-9176-63b1-ff8ed7c5fa26
> CSeq: 28995 REGISTER
> Content-Length: 0
> Max-Forwards: 70
> User-Agent: IM-client/OMA1.0 sipML5-v1.2016.03.04
> Organization: Doubango Telecom
> Supported: path
> tsk_utils.js?svn=252:116 __tsip_transport_ws_onmessage
> tsk_utils.js?svn=252:116 recv=SIP/2.0 401 Unauthorized
> Via: SIP/2.0/WSS df7jal23ls0d.invalid;rport=53702;received=192.168.122.1;branch=z9hG4bKyFqsoLUUFpedAcVEyZN4cBtFTu9Gt9G9
> From: "Simon"<sip:100 at 192.168.122.143>;tag=kMuhaZy6Q0Wvw40VKeLZ
> To: "Simon"<sip:100 at 192.168.122.143>;tag=z9hG4bKyFqsoLUUFpedAcVEyZN4cBtFTu9Gt9G9
> Call-ID: ffac53bd-a6b2-9176-63b1-ff8ed7c5fa26
> CSeq: 28995 REGISTER
> Content-Length: 0
> WWW-Authenticate: Digest realm="asterisk",qop="auth",nonce="1581088246/deff5cad6eaa2e080cc3a29e7e48d1eb",opaque="1e37dbb763d85954",stale=FALSE,algorithm=md5
> Server: Asterisk PBX 17.2.0
> tsk_utils.js?svn=252:116 State machine: tsip_dialog_register_InProgress_2_InProgress_X_401_407_421_494
> tsk_utils.js?svn=252:116 SEND: REGISTER sip:192.168.122.143 SIP/2.0
> Via: SIP/2.0/WSS df7jal23ls0d.invalid;branch=z9hG4bKaQerbmtNuKAHJsnBlJlOUbWnwsgSb0b0;rport
> From: "Simon"<sip:100 at 192.168.122.143>;tag=kMuhaZy6Q0Wvw40VKeLZ
> To: "Simon"<sip:100 at 192.168.122.143>
> Contact: "Simon"<sips:100 at df7jal23ls0d.invalid;rtcweb-breaker=yes;transport=wss>;expires=200;click2call=no;+g.oma.sip-im;+audio;language="en,fr"
> Call-ID: ffac53bd-a6b2-9176-63b1-ff8ed7c5fa26
> CSeq: 28996 REGISTER
> Content-Length: 0
> Max-Forwards: 70
> Authorization: Digest username="100",realm="asterisk",nonce="1581088246/deff5cad6eaa2e080cc3a29e7e48d1eb",uri="sip:192.168.122.143",response="33ab4ea03ce85d9b4ac09058e36992e9",algorithm=md5,cnonce="eb2396623ba609a63f39f28a3413ab43",opaque="1e37dbb763d85954",qop=auth,nc=00000001
> User-Agent: IM-client/OMA1.0 sipML5-v1.2016.03.04
> Organization: Doubango Telecom
> Supported: path
> tsk_utils.js?svn=252:116 ==session event = connecting
> 2tsk_utils.js?svn=252:116 ==session event = sent_request
> tsk_utils.js?svn=252:116 __tsip_transport_ws_onmessage
> tsk_utils.js?svn=252:116 recv=SIP/2.0 200 OK
> Via: SIP/2.0/WSS df7jal23ls0d.invalid;rport=53702;received=192.168.122.1;branch=z9hG4bKaQerbmtNuKAHJsnBlJlOUbWnwsgSb0b0
> From: "Simon"<sip:100 at 192.168.122.143>;tag=kMuhaZy6Q0Wvw40VKeLZ
> To: "Simon"<sip:100 at 192.168.122.143>;tag=z9hG4bKaQerbmtNuKAHJsnBlJlOUbWnwsgSb0b0
> Contact: <sips:100 at 192.168.122.1:53702;transport=ws;rtcweb-breaker=yes>;expires=199
> Call-ID: ffac53bd-a6b2-9176-63b1-ff8ed7c5fa26
> CSeq: 28996 REGISTER
> Content-Length: 0
> Date: 07 Feb 2020 15:10:46 GMT;07
> Server: Asterisk PBX 17.2.0
> tsk_utils.js?svn=252:116 State machine: tsip_dialog_register_InProgress_2_Connected_X_2xx
> tsk_utils.js?svn=252:116 ==session event = connected
> tsk_utils.js?svn=252:116 __tsip_transport_ws_onmessage{quote}
> The server is running CentOS 6 with openssl 1.0.1e, and the client browser is Chrome 80.0.3987.87.
> I’m trying to determine:
> What is the cause of the errors.
> Are they actually causing any problems.
> If anyone is able to answer either of these messages it is much appreciated.
> I can provide additional info if required.
> Thanks in advance.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list