[asterisk-users] [SOLVED]Re: TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>
Sean Bright
sean.bright at gmail.com
Fri Apr 17 14:56:41 CDT 2020
Hi,
On 4/17/2020 10:34 AM, Olivier wrote:
> All this came from ast_tls_cert script using 1024 bits-long keys where
> Debian's defaut was to require at least 2048-long keys !
> Simply passing -b 2048 to ast_tls_cert solved it.
Yes, this was addressed by two¹ commits² in the most recent releases
because of the report in ASTERISK-28750³.
> 1. May I suggest mentioning explicitly this possibility in wiki page ?
I've done that. Let us know if it needs more clarifying details.
> 2. What would you say of adding an extra input argument to have
> certificates built for a specific duration (default is 365 days and
> some may expect a different duration) ?
I think that would be fine. If you are willing to contribute that
change, feel free to open an issue in JIRA⁴ and attach a patch, or
submit the patch for review yourself⁵.
Kind regards,
Sean
1.
https://github.com/asterisk/asterisk/commit/de6919f33942911647b1ec0eccfdd942ad776f55
2.
https://github.com/asterisk/asterisk/commit/7f2d56fc8c0068bdd172a558f9eebf0e81693c48
3. https://issues.asterisk.org/jira/browse/ASTERISK-28750
4. https://issues.asterisk.org/
5. https://wiki.asterisk.org/wiki/display/AST/Gerrit+Usage
More information about the asterisk-users
mailing list