Skip to main content

Asterisk - DTLS failure occurred on RTP instance due to reason sslv3 alert handshake failure

Once i got below error when audio start playing to my browser client in chrome.

ERROR[31730][C-0000000c]: res_rtp_asterisk.c:2042 __rtp_recvfrom: DTLS failure occurred on RTP instance '0x7f547c013c68' due to reason 'sslv3 alert handshake failure', terminating
WARNING[31730][C-0000000c]: res_rtp_asterisk.c:3911 ast_rtcp_read: RTCP Read error: Unspecified.  Hanging up.
WARNING[31730][C-0000000c]: app_playback.c:493 playback_exec: Playback failed on SIP/104600-00000007 for /var/www/html/fetch_prompt

I had googled and found many related and unrelated solutions. Finally i found that it was with openssl. Only solution is to update openssl. So i tried to update openssl from source as in this link. But even though "openssl version" command show updated version number, asterisk was still using previous openssl version.

So i updated openssl in ubuntu 14 using below commands

# echo 'deb xenial main restricted universe multiverse' > /etc/apt/sources.list.d/xenial.list
# aptitude update
# aptitude install -y openssl libssl-dev
# rm /etc/apt/sources.list.d/xenial.list
# aptitude update

After executing above commands, try below commands and check if openssl is updated or not

# ldd /usr/sbin/asterisk  | grep libssl => /lib/x86_64-linux-gnu/ (0x00007f33ce117000)

# strings /lib/x86_64-linux-gnu/ | grep 1.0.2
SSLv3 part of OpenSSL 1.0.2g-fips  1 Mar 2016
TLSv1 part of OpenSSL 1.0.2g-fips  1 Mar 2016
DTLSv1 part of OpenSSL 1.0.2g-fips  1 Mar 2016
OpenSSL 1.0.2g-fips  1 Mar 2016

# openssl version
OpenSSL 1.0.2g-fips  1 Mar 2016

If openssl is updated, please recreate asterisk keys by deleting older ones

# rm /etc/asterisk/keys/*
# cd /usr/src/astersik*/contrb/scripts
# sudo ./ast_tls_cert -C -O "My Super Company" -d /etc/asterisk/keys
# asterisk -rx "reload"

N.B : You should reload asterisk after changing keys


Popular posts from this blog

Setup Asterisk 13 with FreePBX 13 in CentOS 7

Launch CentOS 7 AWS Ec2 InstanceLog in to your aws consoleGo to ec2 management page and click Launch Instance on Instance pageIn Choose AMI step, go to AWS MarketPlace tab and search CentOS 7 on search field. List of centos 7 ami's will be available.Select CentOS 7 (x86_64) ami which is free tier eligible. Select your instance type and click configure instance. Keep default values from Configure Instance to Add Tags stepsIn configure security group, create a security group which allow minimum ports openSSH : port 22HTTP : port 80Custom UDP Rule : 10000-20000 (if you are giving RTP ports 10000-20000)Custom UDP Rule : 5060 (ChanSIP port)Custom TCP Rule : 5060 (ChanSIP Port)Click Launch Instance. Select your key file and accept terms to launch instance.
Setup CentOS Server SSH into newly created CentOS server with username centos and your key file.Update all existing packagessudo yum update -yNow start http service(you can access your server via browser by going to your server ip addres…

Start an android activity from cordova plugin

We all need to start an android activity from a cordova plugin. Here is a small and complete code to start an activity from cordova plugin
1. Install plugman to create cordova plugin npm install -g plugman2. Create cordova plugin using plugman plugman create --name PluginName --plugin_id com.example.sample.plugin --plugin_version 0.0.1
N.B : plugin id never start with Uppercase Now PluginName directory will be created. Plugin structure will be
> PluginName/

> |- plugin.xml

> |- src/

> |- www/PluginName.js

3. Add android platform to plugin
plugman platform add --platform_name android
Now plugin structure will be

> PluginName/

> |- plugin.xml

> |- src/android/

> |- www/PluginName.js

4. Now create a java file named in src/android diretory
This activity will be shown using our plugin. Write sample activity in
package com.example.sample.plugin; import; import android.os.Bundle;…

Implementing Client Side WebRTC using Sipml5 javascript

Step 1:

Download and require Sipml5 library function.

Step 2:

Initialize sipml5 Engine in your web page :

var readyCallback = function(e) {
// function called when sipml is successfully initialised.
createSipStack(); // calling this function to create sip stack(see below)

var errorCallback = function(e) {
// function called when error occured during sipml initialisation.

SIPml.init(readyCallback, errorCallback);

Step 3:

Create Sip Stack :-
Sip Stack is an object that must be created before making/receiving call and sms. Creating Sip stack is an asynchronous process, so you need to create an event listener function to get state change notification.

var sipStack;

function EventListener(e) {

* e.type ;type of event listener
* e.session ; current event session
* e.getSipResponseCode() ; event response code
* e.description ; event description

if(e.type == 'started'){
// successfully started the stack.
} else if(e.type == 'i_new_call'){
// when new incoming call comes.