[asterisk-users] unsolved: Re: solved: how to create a working certificate for using TLS?

Michael Maier m1278468 at mailbox.org
Sat Jul 6 03:40:26 CDT 2019

On 05.07.19 at 22:02 hw wrote:
> openssl verify -CAfile ca.pem asterisk.pem
> asterisk.pem: OK
> When I set tlsdontverifyserver=yes, it works (i. e. asterisk registers
> to the SIP provider and there is no error message).  Otherwise I'm
> getting the error message and asterisk does not register.
> Reading the comments in sip.conf.sample, I would assume that asterisk
> can not verify the certificate of the SIP provider.  Yet
> openssl s_client -connect secure.sip.easybell.de:5061

You know that you don't need an own certificate to connect via tls to the ISP?

To be able to verify the certificate of the ISP, asterisk has to know the local CA database. For CentOS 7, this is /etc/pki/tls/certs/ca-bundle.crt.


More information about the asterisk-users mailing list