OpenSSL error with ulcl

Hello,

I’m having a trouble regarding SSL.

We constructed the 5GC environment with ulcl using Free5GC ver.3.0.5.
We use UERANSIM ver3.1.6 for a simulator.
We tried to access the website using curl and firefox command, but we couldn’t access with these errors.

./nr-binder 60.60.0.1 curl https://www.hogehoge.com
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.hogehoge.com:443

Sometimes we got the following error.

./nr-binder 60.60.0.1 curl https://www.hogehoge.com
curl: (7) Failed to connect to www.hogehoge.com port 443: Connection timed out

These errors didn’t happen when we used single UPF constitution or the first access after a certain period of time.
Although we tried using VMWare, AWS and KVM, the same problem happened in all.

We wondered the cause was using version 1.3 of TLS to access.
Actually, when we fixed the version of TLS as 1.2, we were able to avoid this error.

Does anyone know the cause and the setting to solve this trouble?
For reference, I attached UPF and SMF configuration files and log of curl command with verbose option.

Thanks,

smfcfg.yaml (6.6 KB) uerouting.yaml (1.7 KB) branchingupfcfg.ulcl.yaml (963 Bytes) anchorupf1cfg.ulcl.yaml (963 Bytes) anchorupf2cfg.ulcl.yaml (984 Bytes) curl_log_failed.txt (656 Bytes) curl_log_success.txt (1.5 KB)

Hello @NK636
I’m using the free5gc and ueransim on kubernetes with ulcl
I try your command, and think that is not the free5gc (1 UPF / ULCL) or UERANSIM problem
It’s the curl tool cant access the https website like command curl https://www.hogehoge.com
if you want to access the website, you can add the parameter -k to pass the https
like the command ./nr-binder 60.60.0.1 curl -k https://www.hogehoge.com
the website can be access.

Hello @ZhengSheng0524 ,

Thank you for your response.
I’ll try to set the -k option when I do curl command!

Is the option related to SSL certificate?
In that case, the cause of the error in my environment may be different.

I quite appreciate your help.