tls negotiation issues with wss chrome 47.0.2526.106

18 views

Skip to first unread message

Tito Cumpen

unread,

Dec 30, 2015, 8:18:31 PM12/30/15

to OverSIP

Group,

I am having issues with the tls handshake process. During the moment of the server hello chrome closes the socket and sipJs throws an error. When using openssl client with this command

openssl s_client -showcerts -connect mydomain.net:10443 -state -debug

verify error:num=20:unable to get local issuer certificate

No client certificate CA names sent

Verify return code: 21 (unable to verify the first certificate)

I am using a *.domain.net wildcard cert that utilizes the same domain for an https webportal

The interesting aspect of this is that when using the browser to navigate to the https:server.mydoamin.net:port. The browser will prompt about what cert to use and after this it will continue to work fine until that setting expires.

Is anyone having these negotiation issues?

Thanks,

Tito

Iñaki Baz Castillo

unread,

Jan 14, 2016, 6:39:19 PM1/14/16

to oversip

The browser may behave differently when it comes to validate (even the
same) certificate via WebSocket.

--
Iñaki Baz Castillo
<i...@aliax.net>

Reply all

Reply to author

Forward

0 new messages