Skip to main content

Asterisk - DTLS failure occurred on RTP instance due to reason sslv3 alert handshake failure


Once i got below error when audio start playing to my browser client in chrome.

ERROR[31730][C-0000000c]: res_rtp_asterisk.c:2042 __rtp_recvfrom: DTLS failure occurred on RTP instance '0x7f547c013c68' due to reason 'sslv3 alert handshake failure', terminating
WARNING[31730][C-0000000c]: res_rtp_asterisk.c:3911 ast_rtcp_read: RTCP Read error: Unspecified.  Hanging up.
WARNING[31730][C-0000000c]: app_playback.c:493 playback_exec: Playback failed on SIP/104600-00000007 for /var/www/html/fetch_prompt

I had googled and found many related and unrelated solutions. Finally i found that it was with openssl. Only solution is to update openssl. So i tried to update openssl from source as in this link. But even though "openssl version" command show updated version number, asterisk was still using previous openssl version.

So i updated openssl in ubuntu 14 using below commands

# echo 'deb http://us.archive.ubuntu.com/ubuntu/ xenial main restricted universe multiverse' > /etc/apt/sources.list.d/xenial.list
# aptitude update
# aptitude install -y openssl libssl-dev
# rm /etc/apt/sources.list.d/xenial.list
# aptitude update

After executing above commands, try below commands and check if openssl is updated or not

# ldd /usr/sbin/asterisk  | grep libssl
libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f33ce117000)

# strings /lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep 1.0.2
OPENSSL_1.0.2
OPENSSL_1.0.2g
SSLv3 part of OpenSSL 1.0.2g-fips  1 Mar 2016
TLSv1 part of OpenSSL 1.0.2g-fips  1 Mar 2016
DTLSv1 part of OpenSSL 1.0.2g-fips  1 Mar 2016
OpenSSL 1.0.2g-fips  1 Mar 2016

# openssl version
OpenSSL 1.0.2g-fips  1 Mar 2016

If openssl is updated, please recreate asterisk keys by deleting older ones

# rm /etc/asterisk/keys/*
# cd /usr/src/astersik*/contrb/scripts
# sudo ./ast_tls_cert -C pbx.mycompany.com -O "My Super Company" -d /etc/asterisk/keys
# asterisk -rx "reload"

N.B : You should reload asterisk after changing keys

Popular posts from this blog

Implementing Client Side WebRTC using Sipml5 javascript

Step 1:

Download and require Sipml5 library function.

Step 2:

Initialize sipml5 Engine in your web page :

var readyCallback = function(e) {
// function called when sipml is successfully initialised.
createSipStack(); // calling this function to create sip stack(see below)
};

var errorCallback = function(e) {
// function called when error occured during sipml initialisation.
};

SIPml.init(readyCallback, errorCallback);

Step 3:

Create Sip Stack :-
Sip Stack is an object that must be created before making/receiving call and sms. Creating Sip stack is an asynchronous process, so you need to create an event listener function to get state change notification.

var sipStack;

function EventListener(e) {

/*
* e.type ;type of event listener
* e.session ; current event session
* e.getSipResponseCode() ; event response code
* e.description ; event description
*/

if(e.type == 'started'){
// successfully started the stack.
register();
} else if(e.type == 'i_new_call'){
// when new incoming call comes.
      …

Setup Asterisk 13 with FreePBX 13 in CentOS 7

Launch CentOS 7 AWS Ec2 InstanceLog in to your aws consoleGo to ec2 management page and click Launch Instance on Instance pageIn Choose AMI step, go to AWS MarketPlace tab and search CentOS 7 on search field. List of centos 7 ami's will be available.Select CentOS 7 (x86_64) ami which is free tier eligible. Select your instance type and click configure instance. Keep default values from Configure Instance to Add Tags stepsIn configure security group, create a security group which allow minimum ports openSSH : port 22HTTP : port 80Custom UDP Rule : 10000-20000 (if you are giving RTP ports 10000-20000)Custom UDP Rule : 5060 (ChanSIP port)Custom TCP Rule : 5060 (ChanSIP Port)Click Launch Instance. Select your key file and accept terms to launch instance.
Setup CentOS Server SSH into newly created CentOS server with username centos and your key file.Update all existing packagessudo yum update -yNow start http service(you can access your server via browser by going to your server ip addres…

MULTIPLE FILE UPLOAD USING AJAX WITH PROGRESS BAR

Uploading multiple files using ajax makes a pleasant feeling to the user. It makes even more happier if upload progress status is printed with percentage.

            In this blog, you will make a file upload form using ajax with file upload progress bar.

Prerequisites :

1) Javascript supported browser
2) LAMP Server / XAMPP Server

Code :

index.html

<!DOCTYPE html>
<html> <head><title>Multiple File Upload using Ajax</title>
<link rel="stylesheet" type="text/css" href="style.css">
<script src="//code.jquery.com/jquery-1.10.2.min.js"></script> </head> <body><div><form action="action.php" method="post" enctype="multipart/form-data" id="multiple-upload-form"><input type="button" id="select-file-btn" value="Select Files" onclick="document.getElementById('files').click(); return false;&qu…