Project

General

Profile

Let´s Encrypt SSL problems.

Added by Marcio Mello almost 2 years ago

Hi, this is my scenario:
I installed v4 ISO on VirtualBox and created a custom image to upload to Digital Ocean. It´s ok and works fine. I can create a DG droplet and run GoAutoDial v4 with no problems. After I installed a SSL with cerbot Let´s Encrypt and it works ok to my domain too. I can login like goadmin and manage all. The problem is that when I login like an Agent, I can´t Login to dialer if I use the domain. When I click the button nothing happens. If I use the IP address to access, and login to Agent it works fine. Really strange.. Thanks for any tip.


Replies (22)

RE: Let´s Encrypt SSL problems. - Added by Jose Capurro almost 2 years ago

Try looking for errors in the Developer console in Google Chrome.

I'm fairly sure there is a problem with the Kamailio domain you are using. I got the same problem.

Remember to:
- Configure the certificates in /etc/kamailio/tls.cfg
- Set your domain in /etc/kamailio/kamailio.cfg (search for alias=")
- Set your domain in /var/www/html/php/goCRMAPISettings.php (gourl)

If those settings are not properly configured, the WebRTC connection will not be established.

RE: Let´s Encrypt SSL problems. - Added by Marcio Mello almost 2 years ago

Thanks!

I´m checking all these files now.

RE: Let´s Encrypt SSL problems. - Added by Marcio Mello almost 2 years ago

Hello,

It was going fine,,, after the changes logging into an agent I can click on Login to Dialer and select the Campaign but it goes to "Login in to your phone,, please wait" forever.

I checked the kamailio status and it was:
kamailio.service - Kamailio (OpenSER) - the Open Source SIP Server
Loaded: loaded (/usr/lib/systemd/system/kamailio.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Wed 2018-11-21 02:16:55 PST; 4min 49s ago
Process: 1531 ExecStart=/usr/sbin/kamailio -DD -P /var/run/kamailio/kamailio.pid -f $CFGFILE -m $SHM_MEMORY -M $PKG_MEMORY (code=exited, status=255)
Main PID: 1531 (code=exited, status=255)

Can´t restart kamailio service .. any idea?

Thanks!

RE: Let´s Encrypt SSL problems. - Added by Marcio Mello almost 2 years ago

And... from the Chrome console..

jssip-3.0.13.js:21334 WebSocket connection to 'wss://209.97.145.53:4443/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED

Thanks!

RE: Let´s Encrypt SSL problems. - Added by Jose Capurro almost 2 years ago

So, the problem is with Kamailio not running.

Check your /etc/kamailio/kamailio.cfg.

At the start of the file, you will see some lines beginning with #!define ...

Under #!define WITH_ANTIFLOOD, put a new one: #!define WITH_DEBUG.

Then, restart Kamailio with systemctl restart kamailio.

Finally, post the output of journalctl -m -n 200 -t /usr/sbin/kamailio.

You can redirect the output of journalctl with >, like this:

journalctl -m -n 200 -t /usr/sbin/kamailio > kamailio.txt

RE: Let´s Encrypt SSL problems. - Added by Marcio Mello almost 2 years ago

Ok, here is the output.

Please note that the IP is different, because of a new install. Thanks!

[root@callcenterflex ~]# journalctl m -n 200 -t /usr/sbin/kamailio
-
Logs begin at Thu 2018-11-22 18:44:13 PST, end at Thu 2018-11-22 22:19:14 PST. --
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 1
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2868]: fix_rval(): RV is int: 5
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2872]: fix_rval(): RV is str: "Use-Path: msrps://142.93.79.210:9080/"
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:3559]: rve_optimize(): FIXUP RVE (1331,16-1332,19): changed + into string
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: [67B blob data]
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:3559]: rve_optimize(): FIXUP RVE (1331,16-1332,32): changed + into string
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2872]: fix_rval(): RV is str: "Expires: "
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:3559]: rve_optimize(): FIXUP RVE (1331,16-1333,18): changed + into string
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: [153B blob data]
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:3559]: rve_optimize(): FIXUP RVE (1331,16-1333,34): changed + into string
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: [63B blob data]
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:3559]: rve_optimize(): FIXUP RVE (1331,16-1333,43): changed + into string
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/route.c:872]: fix_actions(): fixing msrp_reply()
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/pvapi.c:321]: pv_cache_lookup(): pvar [$var(hdrs)] found in cache
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2872]: fix_rval(): RV is str: "SEND"
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2872]: fix_rval(): RV is str: "REPORT"
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 1
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2868]: fix_rval(): RV is int: 1
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2872]: fix_rval(): RV is str: "REPORT"
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/route.c:872]: fix_actions(): fixing msrp_reply()
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/route.c:872]: fix_actions(): fixing msrp_relay()
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/route.c:872]: fix_actions(): fixing msrp_reply()
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 7
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2864]: fix_rval(): RV fixing type 2
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/rvalue.c:2872]: fix_rval(): RV is str: "REPORT"
Nov 22 22:19:14 callcenterflex.com.br /usr/sbin/kamailio23555: DEBUG: <core> [core/route.c:872]: fix_actions(): fixing msrp_reply()

RE: Let´s Encrypt SSL problems. - Added by Marcio Mello almost 2 years ago

More info...

If I return my tls.cfg to

[server:default]
method = TLSv1
verify_certificate = no
require_certificate = no
private_key = /etc/pki/tls/private/localhost.key
certificate = /etc/pki/tls/certs/localhost.crt

Then Kamailio starts and the debug is:

-- Logs begin at Thu 2018-11-22 22:36:54 PST, end at Thu 2018-11-22 22:39:43 PST. --
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/parse_via.c:2639]: parse_via(): end of header reached, state=5
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/msg_parser.c:491]: parse_headers(): Via found, flags=2
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/msg_parser.c:493]: parse_headers(): this is the first via
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/parse_addr_spec.c:864]: parse_addr_spec(): end of header reached, state=10
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/msg_parser.c:171]: get_hdr_field(): <To> [31]; uri=[sip:vaglxc01.goautodial.c
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: [104B blob data]
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/msg_parser.c:152]: get_hdr_field(): cseq <CSeq>: <102> <OPTIONS>
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/receive.c:191]: receive_msg(): --- received sip message - request - call-id: [1120f7
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/receive.c:234]: receive_msg(): preparing to run routing scripts...
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec: * cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=585 a=5 n=route
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=781 a=16 n=if
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 9==9 && [127.0.0.1] == [
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=787 a=16 n=if
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=792 a=16 n=if
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=787 a=25 n=mf_process_maxfwd
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: maxfwd [mf_funcs.c:76]: is_maxfwd_present(): value = 70
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=797 a=16 n=if
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=792 a=25 n=is_method
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==9 && [vaglxc01.goaut
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 5060 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==13 && [vaglxc01.goau
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 5060 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==13 && [vaglxc01.goau
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 5060 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==13 && [vaglxc01.goau
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 8080 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==13 && [vaglxc01.goau
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 5061 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==13 && [vaglxc01.goau
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 4443 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:564]: grep_sock_info(): checking if host==us: 23==13 && [vaglxc01.goau
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/socket_info.c:567]: grep_sock_info(): checking if port 9080 (advertise 0) matches po
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=793 a=26 n=sl_send_reply
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/msg_parser.c:183]: get_hdr_field(): content_length=0
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/parser/msg_parser.c:89]: get_hdr_field(): found end of header
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: exec: *
* cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=794 a=2 n=exit
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/receive.c:275]: receive_msg(): request-route executed in: 974 usec
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/usr_avp.c:631]: destroy_avp_list(): destroying list (nil)
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/usr_avp.c:631]: destroy_avp_list(): destroying list (nil)
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/usr_avp.c:631]: destroy_avp_list(): destroying list (nil)
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/usr_avp.c:631]: destroy_avp_list(): destroying list (nil)
Nov 22 22:38:21 callcenterflex.com.br /usr/sbin/kamailio1545: DEBUG: <core> [core/usr_avp.c:631]: destroy_avp_list(): destroying list (nil)

Thanks!

RE: Let´s Encrypt SSL problems. - Added by Marcio Mello almost 2 years ago

Uops!! I think this is solved.

sudo chmod go+x /etc/letsencrypt/archive
sudo chmod go+x /etc/letsencrypt/live

It couldn´t read the cert files because of permissions. Now Kamailio is running.

Thank you very much.

RE: Let´s Encrypt SSL problems. - Added by Demian Lizandro Biscocho almost 2 years ago

Great to hear that it's working now.

RE: Let´s Encrypt SSL problems. - Added by Ratanraj Singh 9 months ago

Demian Lizandro Biscocho wrote:

Great to hear that it's working now.

Can you please help on this.

-- Logs begin at Mon 2020-01-13 14:49:39 IST, end at Mon 2020-01-13 19:27:11 IST. --
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec: * cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=584 a=5 n=route
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=780 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=786 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=791 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=786 a=25 n=mf_process_max
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=796 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=791 a=25 n=is_method
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=792 a=26 n=sl_send_reply
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30577: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=793 a=2 n=exit
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1191 a=69 n=set_rpl
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1192 a=67 n=set_rpl
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1204 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1204 a=26 n=xlog
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1241 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1239 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1233 a=24 n=ws_hand
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1237 a=2 n=exit
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=584 a=5 n=route
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=780 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=774 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=779 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=774 a=24 n=pike_check_req
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=786 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=791 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=786 a=25 n=mf_process_max
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=796 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=791 a=25 n=is_method
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=800 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[REQINIT] c=[/etc/kamailio/kamailio.cfg] l=796 a=26 n=sanity_check
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=606 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=587 a=25 n=nat_uac_
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=592 a=55 n=force_rp
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=601 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=593 a=25 n=is_metho
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=594 a=24 n=fix_nate
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[DEFAULT_ROUTE] c=[/etc/kamailio/kamailio.cfg] l=606 a=5 n=route
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[NATDETECT] c=[/etc/kamailio/kamailio.cfg] l=986 a=55 n=force_rport
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[NATDETECT] c=[/etc/kamailio/kamailio.cfg] l=997 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[NATDETECT] c=[/etc/kamailio/kamailio.cfg] l=987 a=25 n=nat_uac_test
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec:
cfgtrace:request_route=[NATDETECT] c=[/etc/kamailio/kamailio.cfg] l=993 a=16 n=if
Jan 13 19:26:55 vaglxc01.goautodial.com /usr/sbin/kamailio30593: exec: *
* cfgtrace:request_route=[NATDETECT] c=[/etc/kamailio/kamailio.cfg] l=988 a=25 n=is_method

RE: Let´s Encrypt SSL problems. - Added by Wittie Manansala 9 months ago

Hi,

Please review the steps I created and let us know if the said steps will help you.

1. yum install certbot -y

2. sudo certbot --apache -d dialer.company.com

3. Sample Output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dialer.company.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/httpd/conf.d/company-le-ssl.conf
Deploying Certificate to VirtualHost /etc/httpd/conf.d/company-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 (ni-press ko 2)
Redirecting vhost in /etc/httpd/conf.d/company.conf to ssl vhost in /etc/httpd/conf.d/company-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://dialer.company.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=dialer.company.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/dialer.company.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/dialer.company.com/privkey.pem
   Your cert will expire on 2020-01-14. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew" 
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

4. Set Permissions:

chmod 755 /etc/letsencrypt/archive/
chmod 755 /etc/letsencrypt/live
chmod 644 /etc/letsencrypt/live/dialer.company.com/privkey.pem

5. Edit /etc/kamailio/tls.cfg

Set the following:

private_key = /etc/letsencrypt/live/dialer.company.com/privkey.pem
certificate = /etc/letsencrypt/live/dialer.company.com/cert.pem 

6. systemctl httpd restart
5. systemctl kamailio restart

7. Let’s Encrypt recommends the automatic renew cronjob to run twice a day, to do that add the following line and then save and exit the crontab:

#automatic renew cronjob to run twice a day
* */12 * * * /usr/bin/certbot renew >/dev/null 2>&1

Thanks

RE: Let´s Encrypt SSL problems. - Added by Ratanraj Singh 9 months ago

I am using this vaglxc01.goautodial.com

RE: Let´s Encrypt SSL problems. - Added by Ratanraj Singh 9 months ago

also when i started asterisk service then kamailio and media gateway are showing unreachible in CLI

vaglxc01*CLI> sip show peers
Name/username Host Dyn Forcerport Comedia ACL Port Status Description
G020 10.164.1.63 Yes Yes 5060 OK (22 ms)
kamailio 127.0.0.1 Yes Yes 5060 OK (1 ms)
2 sip peers [Monitored: 2 online, 0 offline Unmonitored: 0 online, 0 offline]
[Jan 17 18:13:01] NOTICE10618: chan_sip.c:30115 sip_poke_noanswer: Peer 'kamailio' is now UNREACHABLE! Last qualify: 1
[Jan 17 18:13:01] NOTICE10618: chan_sip.c:30115 sip_poke_noanswer: Peer 'G020' is now UNREACHABLE! Last qualify: 8
vaglxc01*CLI> sip show peers
Name/username Host Dyn Forcerport Comedia ACL Port Status Description
G020 10.164.1.63 Yes Yes 5060 UNREACHABLE
kamailio 127.0.0.1 Yes Yes 5060 UNREACHABLE
2 sip peers [Monitored: 0 online, 2 offline Unmonitored: 0 online, 0 offline]
vaglxc01*CLI>
[Jan 17 18:13:33] NOTICE10607: chan_iax2.c:12330 __iax2_poke_noanswer: Peer 'ASTblind' is now UNREACHABLE! Time: 3
[Jan 17 18:13:35] NOTICE10606: chan_iax2.c:12330 __iax2_poke_noanswer: Peer 'ASTplay' is now UNREACHABLE! Time: 3
[Jan 17 18:13:37] NOTICE10575: chan_iax2.c:12330 __iax2_poke_noanswer: Peer 'ASTloop' is now UNREACHABLE! Time: 1
[Jan 17 18:13:51] WARNING10535: db.c:288 db_execute_sql: Error executing SQL (COMMIT): database is locked
[Jan 17 18:13:55] WARNING10535: db.c:288 db_execute_sql: Error executing SQL (COMMIT): database is locked
[Jan 17 18:13:57] WARNING10535: db.c:288 db_execute_sql: Error executing SQL (COMMIT): database is locked

RE: Let´s Encrypt SSL problems. - Added by Vericar De Espiritu Santo 9 months ago

Wittie Manansala wrote:

Hi,

Please review the steps I created and let us know if the said steps will help you.

1. yum install certbot -y

2. sudo certbot --apache -d dialer.company.com

3. Sample Output:
[...]

4. Set Permissions:
[...]

5. Edit /etc/kamailio/tls.cfg

Set the following:
[...]

6. systemctl httpd restart
5. systemctl kamailio restart

7. Let’s Encrypt recommends the automatic renew cronjob to run twice a day, to do that add the following line and then save and exit the crontab:
[...]

Thanks

Hi, I'm trying to follow those steps, but i get this error diurin the step 2, can you help me?

[root@go soporte_ebisu]# certbot --apache -d go.callebisu.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for go.callebisu.com
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

Any help?

RE: Let´s Encrypt SSL problems. - Added by Wittie Manansala 8 months ago

Hi,

Try to disable iptables and run it again.

Thanks

RE: Let´s Encrypt SSL problems. - Added by Vericar De Espiritu Santo 8 months ago

Wittie Manansala wrote:

Hi,

Try to disable iptables and run it again.

Thanks

I have my firewalld, and iptables off... But, i check again, set firewalld and iptables off, ran again "sudo certbot --apache -d go.callebisu.com" and the output was it:

[root@voip-11 soporte_ebisu]# sudo certbot --apache -d go.callebisu.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for go.callebisu.com
Cleaning up challenges
Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.

So, What's wrong?

RE: Let´s Encrypt SSL problems. - Added by Vericar De Espiritu Santo 8 months ago

Wittie Manansala wrote:

Hi,

Hope this below links may help:

https://community.letsencrypt.org/t/unable-to-find-a-virtual-host-listening-on-port-80/63892/7

https://community.letsencrypt.org/t/certbot-cant-find-virtual-host-on-port-80/87481/11

Those links you gave me didn't help me at all. But I still managed to place the ssl certificate and I could verify that this is not the problem. the problem remains KAMAILIO in a failed state

Any ideas that may be happening? I've tried everything and still can't correct the error.

RE: Let´s Encrypt SSL problems. - Added by Jackie Alfonso 8 months ago

Hi,

Please try a plain installation of https://goautodial.org/projects/goautodialce/wiki/Version_4_How_To_Install_Goautodial_From_Scratch_using_CentOS_7X.
after the install try to login and make some test calls once its working then try to setup the Let´s Encrypt SSL.

Thank you!

RE: Let´s Encrypt SSL problems. - Added by kamel berrayah 4 months ago

Marcio Mello wrote:

Hello,

It was going fine,,, after the changes logging into an agent I can click on Login to Dialer and select the Campaign but it goes to "Login in to your phone,, please wait" forever.

I checked the kamailio status and it was:
kamailio.service - Kamailio (OpenSER) - the Open Source SIP Server
Loaded: loaded (/usr/lib/systemd/system/kamailio.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Wed 2018-11-21 02:16:55 PST; 4min 49s ago
Process: 1531 ExecStart=/usr/sbin/kamailio -DD -P /var/run/kamailio/kamailio.pid -f $CFGFILE -m $SHM_MEMORY -M $PKG_MEMORY (code=exited, status=255)
Main PID: 1531 (code=exited, status=255)

Can´t restart kamailio service .. any idea?

Thanks!

Hi
your problem is very sample

1.    first be sur  the autorisation for key et crt files 
2.  sudo chmod go+x /etc/letsencrypt/archive
sudo chmod go+x /etc/letsencrypt/live

[server:default]
method = TLSv1
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/your.yourdomaine.com/privkey.pem
certificate = /etc/letsencrypt/live/your.yourdomaine.com/cert.pm

3.  check your time zone and time , the best is to syncronise  your ntp

RE: Let´s Encrypt SSL problems. - Added by kamel berrayah 4 months ago

kamel berrayah wrote:

Marcio Mello wrote:

Hello,

It was going fine,,, after the changes logging into an agent I can click on Login to Dialer and select the Campaign but it goes to "Login in to your phone,, please wait" forever.

I checked the kamailio status and it was:
kamailio.service - Kamailio (OpenSER) - the Open Source SIP Server
Loaded: loaded (/usr/lib/systemd/system/kamailio.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Wed 2018-11-21 02:16:55 PST; 4min 49s ago
Process: 1531 ExecStart=/usr/sbin/kamailio -DD -P /var/run/kamailio/kamailio.pid -f $CFGFILE -m $SHM_MEMORY -M $PKG_MEMORY (code=exited, status=255)
Main PID: 1531 (code=exited, status=255)

Can´t restart kamailio service .. any idea?

Thanks!

Hi
your problem is very sample

1. first be sur the autorisation for key et crt files

2. sudo chmod go+x /etc/letsencrypt/archive
sudo chmod go+x /etc/letsencrypt/live

[server:default]
method = TLSv1
verify_certificate = no
require_certificate = no
private_key = /etc/letsencrypt/live/your.yourdomaine.com/privkey.pem
certificate = /etc/letsencrypt/live/your.yourdomaine.com/cert.pm

3. check your time zone and time , the best is to syncronise your ntp

sorry cert.pem not cert.pm

RE: Let´s Encrypt SSL problems. - Added by Wittie Manansala 4 months ago

Hi,

One of our user share his settings. Please visit below link.

https://goautodial.org/boards/3/topics/18690?r=18705#message-18705

Hope the above link may help you.

Thanks

    (1-22/22)
    Go to top