[asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

Olivier oza.4h07 at gmail.com
Mon Nov 18 15:18:40 CST 2019 

Unfortunately, changing ownership did not solve the issue:

# ls -al keys/
total 40
drwxr-xr-x 2 asterisk asterisk 4096 nov.  18 20:47 .
drwxr-x--- 3 asterisk asterisk 4096 nov.  18 20:53 ..
-rw------- 1 asterisk asterisk 1224 nov.  18 20:47 asterisk.crt
-rw------- 1 asterisk asterisk  578 nov.  18 20:46 asterisk.csr
-rw------- 1 asterisk asterisk  887 nov.  18 20:46 asterisk.key
-rw------- 1 asterisk asterisk 2111 nov.  18 20:47 asterisk.pem
-rw------- 1 asterisk asterisk  161 nov.  18 20:46 ca.cfg
-rw------- 1 asterisk asterisk 1781 nov.  18 20:46 ca.crt
-rw------- 1 asterisk asterisk 3311 nov.  18 20:46 ca.key
-rw------- 1 asterisk asterisk  124 nov.  18 20:46 tmp.cfg

# service asterisk stop
# service asterisk start
# asterisk -rx "http show status"
HTTP Server Status:
Prefix:
Server: Asterisk/17.0.0
Server Enabled and Bound to 0.0.0.0:8088

Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/static/... => Asterisk HTTP Static Delivery

Enabled Redirects:

Le lun. 18 nov. 2019 à 22:08, Richard Mudgett <rmudgett at digium.com> a
écrit :

>
>
> On Mon, Nov 18, 2019 at 2:53 PM Olivier <oza.4h07 at gmail.com> wrote:
>
>> Hello,
>>
>> I've installed a new Asterisk 17.0.0 on a Debian Buster system.
>>
>> This Asterisk instance is run by asterisk user (and group).
>> I've got:
>>
>> # ls -l /etc/asterisk
>> total 68
>> -rw-r--r-- 1 asterisk asterisk  501 nov.  18 19:12 asterisk.conf
>> -rw-r--r-- 1 asterisk asterisk  135 nov.  18 18:57 cdr.conf
>> -rw-r--r-- 1 asterisk asterisk  684 nov.  18 18:57 cdr_custom.conf
>> -rw-r--r-- 1 asterisk asterisk  103 nov.  18 18:57 confbridge.conf
>> -rw-r--r-- 1 asterisk asterisk 6834 nov.  18 18:57 extensions.conf
>> -rw-r--r-- 1 asterisk asterisk  138 nov.  18 21:42 http.conf
>> -rw-r--r-- 1 asterisk asterisk  681 nov.  18 18:57 indications.conf
>> drwxr-xr-x 2 root     root     4096 nov.  18 20:47 keys
>> -rw-r--r-- 1 asterisk asterisk  160 nov.  18 18:57 logger.conf
>> -rw-r--r-- 1 asterisk asterisk 2769 nov.  18 18:57 modules.conf
>> -rw-r--r-- 1 asterisk asterisk   50 nov.  18 18:57 musiconhold.conf
>> -rw-r--r-- 1 asterisk asterisk 6360 nov.  18 18:57 pjsip.conf
>> -rw-r--r-- 1 asterisk asterisk  790 nov.  18 18:57 pjsip_notify.conf
>> -rw-r--r-- 1 asterisk asterisk  768 nov.  18 18:57 README
>> -rw-r--r-- 1 asterisk asterisk  513 nov.  18 18:57 voicemail.conf
>>
>> # ls -l /etc/asterisk/keys/
>> total 32
>> -rw------- 1 root root 1224 nov.  18 20:47 asterisk.crt
>> -rw------- 1 root root  578 nov.  18 20:46 asterisk.csr
>> -rw------- 1 root root  887 nov.  18 20:46 asterisk.key
>> -rw------- 1 root root 2111 nov.  18 20:47 asterisk.pem
>>
>
> I'd say that asterisk running as the asterisk user has no permission to
> see the .pem file as only root can see it.
>
> Richard
>
>
>> -rw------- 1 root root  161 nov.  18 20:46 ca.cfg
>> -rw------- 1 root root 1781 nov.  18 20:46 ca.crt
>> -rw------- 1 root root 3311 nov.  18 20:46 ca.key
>> -rw------- 1 root root  124 nov.  18 20:46 tmp.cfg
>>
>> # cat /etc/asterisk/http.conf
>> [general]
>> enabled=yes
>> bindaddr=0.0.0.0
>> bindport=8088
>> tlsenable=yes
>> tlsbindaddr=0.0.0.0:8089
>> tlscertfile=/etc/asterisk/keys/asterisk.pem
>>
>> But, still I don't have any HTTPS server running:
>>
>> # asterisk -rx "http show status"
>> HTTP Server Status:
>> Prefix:
>> Server: Asterisk/17.0.0
>> Server Enabled and Bound to 0.0.0.0:8088
>>
>> Enabled URI's:
>> /httpstatus => Asterisk HTTP General Status
>> /static/... => Asterisk HTTP Static Delivery
>>
>> Enabled Redirects:
>>   None.
>>
>>
>>
>> Can someone help me on this ?
>> Is http;conf correct ?
>> Am I mis-configuring files access rights or ownership ?
>> Something else ?
>>
>> Best regards
>>
>>
>>
>>
>>
>>
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>    http://lists.digium.com/mailman/listinfo/asterisk-users
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20191118/b689fd1b/attachment.html>

More information about the asterisk-users mailing list