[asterisk-users] Asterisk 16.14.0 pjsip transport-tls cert parsing error

Stefan Tichy asterisk3 at pi4tel.de
Fri Jan 29 09:53:59 CST 2021

On Tue, Jan 26, 2021 at 10:12:22AM -1000, Ruisheng Peng wrote:

> The self-sign asterisk.crt:

I saved that file in "x.crt".

openssl x509 -in x.crt -noout -text

   RSA Public-Key: (1024 bit)

> and Letsencrypt cert.pem:

I saved that file in "y.crt".

openssl x509 -in y.crt -noout -enddate
notAfter=Jan 29 01:24:25 2021 GMT

> There were a few mentions of this problem on the web, and one said changing
> the security mode of the certs to 755 fixed his problem.

That makes no sense.

Which version of openssl ist used on that CentOS7 box ?

In "/etc/ssl/openssl.cnf" you find something like this:

MinProtocol = TLSv1.2
CipherString = DEFAULT at SECLEVEL=2

You could set the level to "1" or even to "0" and restart Asterisk.

Stefan Tichy

More information about the asterisk-users mailing list