[Freeswitch-users] secure websocket connection refused
ik
idokan at gmail.com
Mon Jun 23 13:03:03 MSD 2014
Hello,
I'm using Freeswitch 1.4.6 on CentOS 6 .
I'ved configured Freeswitch to work with webrtc, and created certification
based on http://wiki.freeswitch.org/wiki/SIP_TLS.
I have also enabled the ws-binding and wss-binding at internal.xml.
When doing netstat, I can see both 5066 and 7433 binded:
netstat -lnpt | grep freeswitch
tcp 0 0 37.139.XXX.XXX:7443 0.0.0.0:*
LISTEN 27937/./freeswitch
When I try to access the insecure ws (5066), I have a connection:
tport.c:2749 tport_wakeup_pri() tport_wakeup_pri(0x7f095c00b530): events IN
tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f095c00b530):
new secondary tport 0x7f095c09b6a0
tport.c:2620 tport_accept() tport_accept(0x7f095c00b530): incoming
secondary on ws/37.139.XXX.XXX:5066/sip failed. reason = WS_INIT
But when I try to use the wss connection, I'm getting connection refused.
I'm testing it on the same machine with the following command:
openssl s_client -connect 37.139.XXX.XXX:7433
My cert folder has the following certifications:
drwxr-x--- 2 root root 4096 Jun 23 08:42 CA
-rw-r----- 1 root root 1270 Jun 23 08:42 agent.pem
-rw-r----- 1 root root 729 Jun 23 08:42 cafile.pem
-rw-r--r-- 1 root root 1270 Jun 23 08:46 dtls-srtp.pem
-rw-r--r-- 1 root root 1270 Jun 23 08:46 wss.pem
When using wireshark, I can see that the ACK packet get a reset flag after
sending a SYN request.
What am I missing here or doing wrong ?
Thanks,
Ido
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140623/1a132c95/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list