<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi all,<div class=""><br class=""></div><div class="">I tried regenerating new certificates with a lower key size, bypassed the commercial component and instead uploaded the CA on my devices, changed the SSL port and… Well still stuck.</div><div class=""><br class=""></div><div class="">Your help is more than welcome! </div><div class=""><br class=""></div><div class="">Any idea?</div><div class=""><br class=""></div><div class="">Emrah</div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Nov 14, 2014, at 5:14 PM, Emrah <<a href="mailto:lists@kavun.ch" class="">lists@kavun.ch</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" content="text/html charset=utf-8" class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi list,<div class=""><br class=""></div><div class="">I am able to use FS with SSLv23 with Blink Pro on Mac OS, but that’s about it.</div><div class="">I get the following error if I connect with any other device (Bria iOS, Yealink phone, Join Softphone):</div><div class=""><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">TLS setup failed (error:00000001:lib(0):func(0):reason(1))</div></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class=""><br class=""></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">I came across this thread: <a href="http://freeswitch-users.2379917.n2.nabble.com/FS-with-SSL-TLS-issues-td7587736.html" class="">http://freeswitch-users.2379917.n2.nabble.com/FS-with-SSL-TLS-issues-td7587736.html</a> but it doesn’t seem to apply to my scenario.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class=""><br class=""></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">I am using a commercial certificate. My devices connect to a domain which has an SRV record which points to itself on the SSL port. SSL host is an A record and matches the CN in the certificate. Server cA check is even turned off on certain phones.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class=""><br class=""></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">The only error I get on my Yealink phone is this:</div><div style="margin: 0px;" class=""><div style="margin: 0px;" class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">Nov 14 11:04:03 SIP [524]: SDL <6+info > [000] SSL_connect (read done)</span></font></div><div style="margin: 0px;" class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">Nov 14 11:04:03 SIP [524]: SDL <3+error > [000] SSL ERROR</span></font></div><div style="margin: 0px;" class=""><font face="Menlo" class=""><span style="font-size: 11px;" class="">Nov 14 11:04:03 SIP [524]: SDL <3+error > [000] SSL_connect error</span></font></div><div style="font-family: Menlo; font-size: 11px;" class=""><br class=""></div></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">I would appreciate to know how I could debug this further. Or if you have any clue at what may be going on.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class=""><br class=""></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">Thanks!</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">Emrah</div></div></div></blockquote></div><br class=""></div></body></html>