Unable to load the SSL privatekey? How to input the passphrase or configure it ?? #987
Comments
|
You either have to start opensips interactively, so that you can input the passphrase of the private key, or simply, as @jarrodb mentioned on IRC, remove the passphrase: |
|
facing the same issue. Generated the certificate using tls command. |
|
unable to load private key file '/etc/opensips/tls/user/user-privkey.pem'. #012Retry (2 left) (check password case) |
|
opensips is not working with self signed certificate. |
|
Now I'm using a certificate generated by letsencrypt. Still getting these errors. ERROR:proto_wss:ws_parse_req_handshake: Invalid Connection header |
When I tried to setup opensips wss/tls for webrtc testing, I got some error after I generated the necessary certificate and private key files,
error is like following:
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: WARNING:tls_mgm:init_ssl_ctx_behavior: client verification NOT activated. Weaker security.
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: NOTICE:tls_mgm:init_tls_domains: no crl for tls, using none
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: NOTICE:tls_mgm:init_tls_domains: no CA for tls[0.0.0.0:0] defined, using default '(null)'
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: NOTICE:tls_mgm:init_tls_domains: no CA for tls[0.0.0.0:0] defined, using default '/etc/pki/CA/'
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: ERROR:tls_mgm:load_private_key: unable to load private key file '/etc/pki/CA/yyuserprivate.key'. #012Retry (2 left) (check password case)
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: ERROR:tls_mgm:load_private_key: unable to load private key file '/etc/pki/CA/yyuserprivate.key'. #012Retry (1 left) (check password case)
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: ERROR:tls_mgm:load_private_key: unable to load private key file '/etc/pki/CA/yyuserprivate.key'. #012Retry (0 left) (check password case)
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: ERROR:tls_mgm:load_private_key: unable to load private key file '/etc/pki/CA/yyuserprivate.key'
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: ERROR:core:init_mod: failed to initialize module tls_mgm
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: ERROR:core:main: error while initializing modules
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: INFO:core:cleanup: cleanup
Nov 9 23:35:25 localhost /usr/sbin/opensips[9706]: NOTICE:core:main: Exiting....
Nov 9 23:35:25 localhost opensips: INFO:core:daemonize: pre-daemon process exiting with -1
opensips version information is
version: opensips 2.2.2 (x86_64/linux)
flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
git revision: d250e1c
main.c compiled on 01:48:22 Nov 2 2016 with gcc 4.4.7
my part of opensips.cfg is like
#set module path
mpath="/usr/lib64/opensips/modules"
loadmodule "proto_ws.so"
loadmodule "proto_wss.so"
loadmodule "tls_mgm.so"
modparam("tls_mgm", "tls_method", "TLSv1")
modparam("tls_mgm", "certificate", "/etc/pki/CA/yyuserca.pem")
modparam("tls_mgm", "private_key", "/etc/pki/CA/yyuserprivate.key")
The text was updated successfully, but these errors were encountered: