[asterisk-users] Commercial SSL certs on Asterisk 1.8.10.0 with Polycom phones for encrypted calls using TLS and SRTP?
Gavin Henry
gavin.henry at gmail.com
Thu Mar 8 09:32:30 CST 2012
Hi all,
We're testing TLS and SRTP on Asterisk 1.8.10.0 and have it working
with a commerical (not self-sign) AlphaSSL wildcard (GlobalSign) using
Blink Lite 1.6.2 as per
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial
We've tested with Bria on an iPhone and that doesn't recognised the
commercial CA (GlobalSign Root CA).
On a Yealink 28P with V60/V61 is registers over TLS, but can't do
SRTP. Yealink are working on this and are testing against one of our
dev servers.
My question is someone (Digium) must have this working against Polycom
(which is a requirement for this project) with commercial certs since
that's their partner of choice?
This is our relevant setup:
tlsenable=yes
tlsbindaddr=0.0.0.0
tcpbindaddr=0.0.0.0
tcpenable=yes
transport=tcp,udp,tls
tlscertfile=/etc/asterisk/ssl/test_wildcard_cert.pem
tlscafile=/etc/asterisk/ssl/AlphaSSLroot.crt
tlscipher=ALL
tlsclientmethod=tlsv1
This file has the cert and key in it:
test_wildcard_cert.pem
is as per:
http://www.alphassl.com/support/install-ssl/apache.html
and AlphaSSLroot.crt is as per:
http://www.alphassl.com/support/install-root/apache.html
We haven't tested Snom or Aastra yet.
Thanks,
Gavin.
--
http://www.suretecsystems.com/services/openldap/
http://www.surevoip.co.uk
More information about the asterisk-users
mailing list