[asterisk-users] [SOLVED]Re: TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>

Sean Bright sean.bright at gmail.com
Fri Apr 17 14:56:41 CDT 2020


On 4/17/2020 10:34 AM, Olivier wrote:
> All this came from ast_tls_cert script using 1024 bits-long keys where 
> Debian's defaut was to require at least 2048-long keys !
> Simply passing -b 2048 to ast_tls_cert solved it.

Yes, this was addressed by two¹ commits² in the most recent releases 
because of the report in ASTERISK-28750³.

> 1. May I suggest mentioning explicitly this possibility in wiki page ?

I've done that. Let us know if it needs more clarifying details.

> 2. What would you say of adding an extra input argument to have 
> certificates built for a specific duration (default is 365 days and 
> some may expect a different duration) ?

I think that would be fine. If you are willing to contribute that 
change, feel free to open an issue in JIRA⁴ and attach a patch, or 
submit the patch for review yourself⁵.

Kind regards,

3. https://issues.asterisk.org/jira/browse/ASTERISK-28750
4. https://issues.asterisk.org/
5. https://wiki.asterisk.org/wiki/display/AST/Gerrit+Usage

More information about the asterisk-users mailing list