[Freeswitch-users] secure websocket connection refused

Mon Jun 23 15:27:48 MSD 2014

answering myself, there were two issues:
1. The certs directory was a symlink
2. The port is 7443 and not 7433

I hope it will help others.

On Mon, Jun 23, 2014 at 12:03 PM, ik <idokan at gmail.com> wrote:

> Hello,
>
> I'm using Freeswitch 1.4.6 on CentOS 6 .
>
> I'ved configured Freeswitch to work with webrtc, and created certification
> based on http://wiki.freeswitch.org/wiki/SIP_TLS.
>
> I have also enabled the ws-binding and wss-binding at internal.xml.
>
> When doing netstat, I can see both 5066 and 7433 binded:
>
> netstat -lnpt | grep freeswitch
> tcp        0      0 37.139.XXX.XXX:7443          0.0.0.0:*
> LISTEN      27937/./freeswitch
>
>
> When I try to access the insecure ws (5066), I have a connection:
>
> tport.c:2749 tport_wakeup_pri() tport_wakeup_pri(0x7f095c00b530): events IN
> tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f095c00b530):
> new secondary tport 0x7f095c09b6a0
> tport.c:2620 tport_accept() tport_accept(0x7f095c00b530): incoming
> secondary on ws/37.139.XXX.XXX:5066/sip failed. reason = WS_INIT
>
> But when I try to use the wss connection, I'm getting connection refused.
> I'm testing it on the same machine with the following command:
>
> openssl s_client -connect 37.139.XXX.XXX:7433
>
> My cert folder has the following certifications:
> drwxr-x--- 2 root root 4096 Jun 23 08:42 CA
> -rw-r----- 1 root root 1270 Jun 23 08:42 agent.pem
> -rw-r----- 1 root root  729 Jun 23 08:42 cafile.pem
> -rw-r--r-- 1 root root 1270 Jun 23 08:46 dtls-srtp.pem
> -rw-r--r-- 1 root root 1270 Jun 23 08:46 wss.pem
>
> When using wireshark, I can see that the ACK packet get a reset flag after
> sending a SYN request.
>
> What am I missing here or doing wrong ?
>
> Thanks,
> Ido
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140623/4d59c884/attachment.html 