[asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

Richard Mudgett rmudgett at digium.com
Mon Nov 18 15:07:38 CST 2019 

On Mon, Nov 18, 2019 at 2:53 PM Olivier <oza.4h07 at gmail.com> wrote:

> Hello,
>
> I've installed a new Asterisk 17.0.0 on a Debian Buster system.
>
> This Asterisk instance is run by asterisk user (and group).
> I've got:
>
> # ls -l /etc/asterisk
> total 68
> -rw-r--r-- 1 asterisk asterisk  501 nov.  18 19:12 asterisk.conf
> -rw-r--r-- 1 asterisk asterisk  135 nov.  18 18:57 cdr.conf
> -rw-r--r-- 1 asterisk asterisk  684 nov.  18 18:57 cdr_custom.conf
> -rw-r--r-- 1 asterisk asterisk  103 nov.  18 18:57 confbridge.conf
> -rw-r--r-- 1 asterisk asterisk 6834 nov.  18 18:57 extensions.conf
> -rw-r--r-- 1 asterisk asterisk  138 nov.  18 21:42 http.conf
> -rw-r--r-- 1 asterisk asterisk  681 nov.  18 18:57 indications.conf
> drwxr-xr-x 2 root     root     4096 nov.  18 20:47 keys
> -rw-r--r-- 1 asterisk asterisk  160 nov.  18 18:57 logger.conf
> -rw-r--r-- 1 asterisk asterisk 2769 nov.  18 18:57 modules.conf
> -rw-r--r-- 1 asterisk asterisk   50 nov.  18 18:57 musiconhold.conf
> -rw-r--r-- 1 asterisk asterisk 6360 nov.  18 18:57 pjsip.conf
> -rw-r--r-- 1 asterisk asterisk  790 nov.  18 18:57 pjsip_notify.conf
> -rw-r--r-- 1 asterisk asterisk  768 nov.  18 18:57 README
> -rw-r--r-- 1 asterisk asterisk  513 nov.  18 18:57 voicemail.conf
>
> # ls -l /etc/asterisk/keys/
> total 32
> -rw------- 1 root root 1224 nov.  18 20:47 asterisk.crt
> -rw------- 1 root root  578 nov.  18 20:46 asterisk.csr
> -rw------- 1 root root  887 nov.  18 20:46 asterisk.key
> -rw------- 1 root root 2111 nov.  18 20:47 asterisk.pem
>

I'd say that asterisk running as the asterisk user has no permission to see
the .pem file as only root can see it.

Richard


> -rw------- 1 root root  161 nov.  18 20:46 ca.cfg
> -rw------- 1 root root 1781 nov.  18 20:46 ca.crt
> -rw------- 1 root root 3311 nov.  18 20:46 ca.key
> -rw------- 1 root root  124 nov.  18 20:46 tmp.cfg
>
> # cat /etc/asterisk/http.conf
> [general]
> enabled=yes
> bindaddr=0.0.0.0
> bindport=8088
> tlsenable=yes
> tlsbindaddr=0.0.0.0:8089
> tlscertfile=/etc/asterisk/keys/asterisk.pem
>
> But, still I don't have any HTTPS server running:
>
> # asterisk -rx "http show status"
> HTTP Server Status:
> Prefix:
> Server: Asterisk/17.0.0
> Server Enabled and Bound to 0.0.0.0:8088
>
> Enabled URI's:
> /httpstatus => Asterisk HTTP General Status
> /static/... => Asterisk HTTP Static Delivery
>
> Enabled Redirects:
>   None.
>
>
>
> Can someone help me on this ?
> Is http;conf correct ?
> Am I mis-configuring files access rights or ownership ?
> Something else ?
>
> Best regards
>
>
>
>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20191118/09cf1f58/attachment.html>

More information about the asterisk-users mailing list