<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">do you have everything for your cert chain in the file for the certs in freeswitch?<div><br><div><div>On Jul 10, 2014, at 12:48 PM, Javier Menendez &lt;<a href="mailto:menendez.garcia@gmail.com">menendez.garcia@gmail.com</a>&gt; wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><div>You are right, nothing relevant, the socket is closed before.<br><br><br></div><div>I think it must be something related with chrome, in latest version 35 it is not working but in version 26 it works.. but <a href="http://webrtc.freeswitch.org/">webrtc.freeswitch.org</a> works with version 35! what am I missing?<br>
</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jul 10, 2014 at 6:28 PM, Ciprian Dosoftei <span dir="ltr">&lt;<a href="mailto:ciprian.dosoftei@gmail.com" target="_blank">ciprian.dosoftei@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>You may be able to pull more info from the connection's entry on the Network tab of the developer's console. In normal circumstances, it should show a HTTP response code of 101 and a negotiation response like:<br>

<br>Connection:Upgrade<br>Sec-WebSocket-Accept:oVcPX2zhUVgae46nZWQT3WyOOQ0=<br>Upgrade:websocket<br><br></div>I bet the latter is not coming through since the connection is reset.<br><br>If you cannot get any relevant info from this angle, I think a packet capture is the next step.<span class="HOEnZb"><font color="#888888"><br>

<br></font></span></div><span class="HOEnZb"><font color="#888888">-C<br><div><br><br></div></font></span></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On 10 July 2014 17:07, Javier Menendez <span dir="ltr">&lt;<a href="mailto:menendez.garcia@gmail.com" target="_blank">menendez.garcia@gmail.com</a>&gt;</span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>Thanks ciprian,<br></div>I am trying to debug this with chrome, I tryed to make a raw websocket connection<br>

&nbsp;conn = new WebSocket("<a href="wss://myhost:10081">wss://myhost:10081</a>")<br><br></div>and I got a readyState 3. that's all I can debug :/<br>
<br></div>If I access to <a href="https://myhost:10081/" target="_blank">https://myhost:10081/</a> it says verified, and its green...<br></div><div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Thu, Jul 10, 2014 at 5:40 PM, Ciprian Dosoftei <span dir="ltr">&lt;<a href="mailto:ciprian.dosoftei@gmail.com" target="_blank">ciprian.dosoftei@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>Javier,<br><br></div>It looks like the client is resetting the connection, it may after all be a SSL issue.<br>


<br></div>Best way to start debugging is to pop up the developer console (I use Chrome and it never disappoints me when it comes down to tracking down issues) and see what's unusual with that WSS connection.<br>
<br></div>-Ciprian<br></div><div class="gmail_extra"><br><br><div class="gmail_quote"><div>On 10 July 2014 12:27, Javier Menendez <span dir="ltr">&lt;<a href="mailto:menendez.garcia@gmail.com" target="_blank">menendez.garcia@gmail.com</a>&gt;</span> wrote:<br>



</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div dir="ltr"><div><div><div><div>Hi,<br><br></div>I am trying to get the wss connection work, tried everything and still doesn't work, I don't think it is a certificate problem because if I try this manually:<br>




<br>curl -v <a href="https://myhost.com:10081/" target="_blank">https://myhost.com:10081/</a> -H "Upgrade: WebSocket" -H "Connection: Upgrade" -H "Sec-WebSocket-Protocol: sip" -H "Sec-WebSocket-Key: +LLGYSDSKelND6UVF9z71w==" -H "Sec-WebSocket-Version: 13" <br>




* About to connect() to <a href="http://myhost.com/" target="_blank">myhost.com</a> port 10081 (#0)<br>*&nbsp;&nbsp; Trying X.X.X.X... connected<br>* Connected to <a href="http://myhost.com/" target="_blank">myhost.com</a> (X.X.X.X) port 10081 (#0)<br>



* successfully set certificate verify locations:<br>
*&nbsp;&nbsp; CAfile: none<br>&nbsp; CApath: /etc/ssl/certs<br>* SSLv3, TLS handshake, Client hello (1):<br>* SSLv3, TLS handshake, Server hello (2):<br>* SSLv3, TLS handshake, CERT (11):<br>* SSLv3, TLS handshake, Server finished (14):<br>




* SSLv3, TLS handshake, Client key exchange (16):<br>* SSLv3, TLS change cipher, Client hello (1):<br>* SSLv3, TLS handshake, Finished (20):<br>* SSLv3, TLS change cipher, Client hello (1):<br>* SSLv3, TLS handshake, Finished (20):<br>




* SSL connection using AES256-SHA<br>* Server certificate:<br>* &nbsp;&nbsp; &nbsp; subject: OU=Domain Control Validated; CN=<a href="http://myhost.com/" target="_blank">myhost.com</a><br>* &nbsp;&nbsp; &nbsp; start date: 2014-06-16 10:09:42 GMT<br>* &nbsp;&nbsp; &nbsp; expire date: 2016-06-07 11:02:46 GMT<br>




* &nbsp;&nbsp; &nbsp; subjectAltName: <a href="http://myhost.com/" target="_blank">myhost.com</a> matched<br>* &nbsp;&nbsp; &nbsp; issuer: C=US; ST=Arizona; L=Scottsdale; O=<a href="http://GoDaddy.com">GoDaddy.com</a>, Inc.; OU=<a href="http://certs.godaddy.com/repository/" target="_blank">http://certs.godaddy.com/repository/</a>; CN=Go Daddy Secure Certificate Authority - G2<br>




* &nbsp;&nbsp; &nbsp; SSL certificate verify ok.<br>&gt; GET / HTTP/1.1<br>&gt; User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8o zlib/<a href="http://1.2.3.3/" target="_blank">1.2.3.3</a> libidn/1.15<br>&gt; Host: <a href="http://myhost.com:10081/" target="_blank">myhost.com:10081</a><br>




&gt; Accept: */*<br>&gt; Upgrade: WebSocket<br>&gt; Connection: Upgrade<br>&gt; Sec-WebSocket-Protocol: sip<br>&gt; Sec-WebSocket-Key: +LLGYSDSKelND6UVF9z71w==<br>&gt; Sec-WebSocket-Version: 13<br>&gt; <br>&lt; HTTP/1.1 101 Switching Protocols<br>




&lt; Upgrade: websocket<br>&lt; Connection: Upgrade<br>&lt; Sec-WebSocket-Accept: CQsVOMdurBA <br><br><br></div>so it seems to work, but if I try with jssip or sipml5 library I got this trace log and the socket gets disconnected within half second<br>




<br>freeswitch@internal&gt; tport.c:2749 tport_wakeup_pri() tport_wakeup_pri(0x7f2198004f20): events IN<br>tport.c:862 tport_alloc_secondary() tport_alloc_secondary(0x7f2198004f20): new secondary tport 0x7f21980afb20<br>



tport.c:2640 tport_accept() tport_accept(0x7f21980afb20): new connection from wss/<a href="http://130.117.88.33:62056/sips" target="_blank">130.117.88.33:62056/sips</a><br>
tport.c:2773 tport_wakeup() tport_wakeup(0x7f21980afb20): events IN<br>tport.c:2864 tport_recv_event() tport_recv_event(0x7f21980afb20)<br>tport.c:2296 tport_set_secondary_timer() tport(0x7f21980afb20): reset timer<br>tport.c:2773 tport_wakeup() tport_wakeup(0x7f21980afb20): events IN HUP ERR<br>




nta.c:2719 agent_tp_error() nta_agent: tport: Conexión reinicializada por la máquina remota<br>tport.c:2090 tport_close() tport_close(0x7f21980afb20): wss/<a href="http://130.117.88.33:62056/sips" target="_blank">130.117.88.33:62056/sips</a><br>




<br></div>I am using last version from git and I also tried with 1.4 versions.<br></div>I have accept-blind-auth and accept-blind-reg to true, any clue?<br><div><br><br><br><br></div></div>
<br></div>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><span><font color="#888888"><br><br clear="all"><br>-- <br>Best Regards,<br>Ciprian Dosoftei<br><br>The information transmitted is intended only for the addressee and may contain privileged and/or confidential material. If you are not the intended recipient, kindly contact the sender and delete the message.<br>



<br>Any disclosure, distribution or copying of this message is strictly prohibited without the expressed permission of the sender.
</font></span></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>
</div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Best Regards,<br>Ciprian Dosoftei<br><br>The information transmitted is intended only for the addressee and may contain privileged and/or confidential material. If you are not the intended recipient, kindly contact the sender and delete the message.<br>

<br>Any disclosure, distribution or copying of this message is strictly prohibited without the expressed permission of the sender.
</div>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div>
_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>http://www.freeswitchsolutions.com<br><br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>http://www.cudatel.com<br><br>Official FreeSWITCH Sites<br>http://www.freeswitch.org<br>http://wiki.freeswitch.org<br>http://www.cluecon.com<br><br>FreeSWITCH-users mailing list<br>FreeSWITCH-users@lists.freeswitch.org<br>http://lists.freeswitch.org/mailman/listinfo/freeswitch-users<br>UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users<br>http://www.freeswitch.org<br></blockquote></div><br></div></body></html>