| View previous topic :: View next topic |
| Author |
Message |
motty.cruz at gmail.com
Guest
|
 Posted: Wed May 04, 2016 11:44 am Post subject: [asterisk-users] Asterisk 1.8 secure SIP session only |
 |
|
Hello, I am trying to secure SIP session with TLS on Asterisk Server 1.8. I keep getter an error,
== Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed!
I tried both signed and self-signed cert to no avail.
Here is my Configuration:
Sip.conf
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/box1.pem
tlscapath=/etc/asterisk/keys
tlscipher=ALL
tlsclientmethod=tlsv1
sip.conf ext.
[5006]
type=peer
context=sipext
call-limit=3
trustrpid=no
callerid="Rec" <5006>
disallow=all
allow=ulaw
allow=alaw
username=5006
secret=9fcbb025200881850526bc57d59885c3
dtmfmode=rfc2833
host=dynamic
mailbox=5006
nat=yes
canreinvite=no
transport=tls
== Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed!
Any ideas? |
|
| Back to top |
|
 |
mvakondios at gmail.com
Guest
|
| Posted: Wed May 04, 2016 12:12 pm Post subject: [asterisk-users] Asterisk 1.8 secure SIP session only |
|
|
Your CA cert is missing.
Add in sip.conf:
tlscafile=/etc/asterisk/keys/ca.crt
You don't need:
tlscapath=/etc/asterisk/keys
On 4 May 2016 at 19:43, Motty Cruz <motty.cruz@gmail.com (motty.cruz@gmail.com)> wrote:
| Quote: |
Hello, I am trying to secure SIP session with TLS on Asterisk Server 1.8. I keep getter an error,
== Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed!
I tried both signed and self-signed cert to no avail.
Here is my Configuration:
Sip.conf
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/box1.pem
tlscapath=/etc/asterisk/keys
tlscipher=ALL
tlsclientmethod=tlsv1
sip.conf ext.
[5006]
type=peer
context=sipext
call-limit=3
trustrpid=no
callerid="Rec" <5006>
disallow=all
allow=ulaw
allow=alaw
username=5006
secret=9fcbb025200881850526bc57d59885c3
dtmfmode=rfc2833
host=dynamic
mailbox=5006
nat=yes
canreinvite=no
transport=tls
== Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed!
Any ideas?
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
|
|
|
| Back to top |
|
|
motty.cruz at gmail.com
Guest
|
| Posted: Fri May 06, 2016 10:41 am Post subject: [asterisk-users] Asterisk 1.8 secure SIP session only |
|
|
Thank you Markos, finally was able to secure SIP session with TLS between server & client.
Thanks for you support!
From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Markos Vakondios
Sent: Wednesday, May 04, 2016 10:11 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] Asterisk 1.8 secure SIP session only
Your CA cert is missing.
Add in sip.conf:
tlscafile=/etc/asterisk/keys/ca.crt
You don't need:
tlscapath=/etc/asterisk/keys
On 4 May 2016 at 19:43, Motty Cruz <motty.cruz@gmail.com (motty.cruz@gmail.com)> wrote:
Hello, I am trying to secure SIP session with TLS on Asterisk Server 1.8. I keep getter an error,
== Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed!
I tried both signed and self-signed cert to no avail.
Here is my Configuration:
Sip.conf
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/box1.pem
tlscapath=/etc/asterisk/keys
tlscipher=ALL
tlsclientmethod=tlsv1
sip.conf ext.
[5006]
type=peer
context=sipext
call-limit=3
trustrpid=no
callerid="Rec" <5006>
disallow=all
allow=ulaw
allow=alaw
username=5006
secret=9fcbb025200881850526bc57d59885c3
dtmfmode=rfc2833
host=dynamic
mailbox=5006
nat=yes
canreinvite=no
transport=tls
== Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed!
Any ideas?
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users |
|
| Back to top |
|
|
|
Search
