tls negotiation issues with wss chrome 47.0.2526.106

18 views
Skip to first unread message

Tito Cumpen

unread,
Dec 30, 2015, 8:18:31 PM12/30/15
to OverSIP
Group,


I am having issues with the tls handshake process. During the moment of the server hello chrome closes the socket and sipJs throws an error. When using openssl client with this command

openssl s_client -showcerts -connect mydomain.net:10443 -state -debug



verify error:num=20:unable to get local issuer certificate

No client certificate CA names sent

    Verify return code: 21 (unable to verify the first certificate)



I am using a *.domain.net wildcard cert that utilizes the same domain for an https webportal 


The interesting aspect of this is that when using the browser to navigate to the https:server.mydoamin.net:port. The browser will prompt about what cert to use and after this it will continue to work fine until that setting expires.



Is anyone having these negotiation issues?


Thanks,

Tito

Iñaki Baz Castillo

unread,
Jan 14, 2016, 6:39:19 PM1/14/16
to oversip
The browser may behave differently when it comes to validate (even the
same) certificate via WebSocket.


--
Iñaki Baz Castillo
<i...@aliax.net>
Reply all
Reply to author
Forward
0 new messages