[asterisk-users] TLS problem
Jonathan H
lardconcepts at gmail.com
Sun Aug 28 13:23:06 CDT 2016
Sorry, things got a bit behind. I was about to settle down and type
something up, when I notice you mention SIP.
Sorry, I've not used that - I'm only familiar with the current pjsip
implementation on 13.10.
Which looks like this:
[transport-tls]
type=transport
protocol=tls
bind=0.0.0.0:5061
cert_file=/etc/letsencrypt/live/mysite.co.uk/fullchain.pem
priv_key_file=/etc/letsencrypt/live/mysite.co.uk/privkey.pem
method=tlsv1
But this won't be any good to you on sip. What version of Asterisk are
you using?
On 26 August 2016 at 11:36, hw <hw at gc-24.de> wrote:
> Jonathan H schrieb:
>>
>> Well, what immediately stands out is:
>> "FILE * open failed!"
>
>
> Yes, and it doesn´t say which file cannot be opened. I even looked at
> the source and found that at that point, you can´t simply add some
> debugging output to find out.
>
>> Have you triple checked that the full filepath is correct and that the
>> user that Asterisk is running as has full permissions to access your
>> valid certificate file?
>
>
> It says 'SSL certificate ok' when I 'reload sip'. When it can´t read one
> of the files involved with the certificate, it says which one.
>
>> I have it working with microsip and a free TLS cert from LetsEncrypt.
>> When I get to the PC with that on, I can write up what settings I've
>> got if that helps?
>
>
> I´m using a self signed certificate, but that shouldn´t behave any
> differently than an externally sigend one as long as it checks out,
> which it apparently does.
>
> So yes, it would be nice if you could send me the settings you´re using,
> thanks :)
>
>
>
>>
>>
>> On 26 August 2016 at 10:47, hw <hw at gc-24.de> wrote:
>>>
>>> hw schrieb:
>>>>
>>>>
>>>>
>>>> Hi,
>>>>
>>>> I´m trying to get TLS to work with asterisk and client phones,
>>>> and all I´m getting from asterisk is
>>>>
>>>>
>>>> [Aug 23 11:46:42] WARNING[1170]: tcptls.c:673 handle_tcptls_connection:
>>>> FILE * open failed!
>>>> == Problem setting up ssl connection:
>>>> error:00000000:lib(0):func(0):reason(0)
>>>> [Aug 23 11:46:44] WARNING[1171]: tcptls.c:673 handle_tcptls_connection:
>>>> FILE * open failed!
>>>>
>>>>
>>>> when clients try to connect. No client is able to register using TLS.
>>>>
>>>> How can I use encrypted connections?
>>>>
>>>
>>> Nobody having an idea? Nobody using encryption?
>>>
>>>
>>>
>>> --
>>> _____________________________________________________________________
>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>
>>> Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016
>>> http://www.asterisk.org/community/astricon-user-conference
>>>
>>> New to Asterisk? Start here:
>>> https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>>
>>> asterisk-users mailing list
>>> To UNSUBSCRIBE or update options visit:
>>> http://lists.digium.com/mailman/listinfo/asterisk-users
>>
>>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016
> http://www.asterisk.org/community/astricon-user-conference
>
> New to Asterisk? Start here:
> https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
More information about the asterisk-users
mailing list