Hi, I tried it the implementation of TLS in asterisk 1.8.4.3 on ubuntu
10.04. I follow the tutorial:
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial. and I
use blink as a softphone in ny client in windows. for regular communication
process (without TLS) smoothly, but when it just follow the tutorial, it is
always error on his softphone: transport error.
my configuration like this:
certificate for the server : . /ast_tls_cert -C 10.4.71.27 -O "My Super
Company" -d /etc/asterisk/keys
certificate for Client 1 : . /ast_tls_cert -m client -c
/etc/asterisk/keys/ca.crt
-k /etc/asterisk/keys/ca.key -C 10.4.71.24 -O "My Super Company" -d
/etc/
asterisk/keys -o 1001
certificate for Client 2 : . /ast_tls_cert -m client -c
/etc/asterisk/keys/ca.crt
-k /etc/asterisk/keys/ca.key -C 10.4.71.23 -O "My Super Company" -d
/etc/
asterisk/keys -o 1002
sip.conf:
[general]
context = default
udpbindaddr = 0.0.0.0
tcpenable = no
tcpbindaddr = 0.0.0.0
allowguest = no
allow = ulaw
allow = alaw
allow = gsm
allow = g722
tlsenable = yes
tlsbindaddr = 0.0.0.0
tlscertfile = / etc / asterisk / keys / asterisk.pem
tlscafile = / etc / asterisk / keys / ca.crt
tlscipher = ALL
tlsclientmethod = TLSv1
[1001]
context = default
type = friend
username = 1001
secret = 1000
dtmfmode = rfc2833
callerid = 1001
host = dynamic
transport = tls
[1002]
context = default
type = friend
username = 1002
secret = 1002
dtmfmode = rfc2833
host = dynamic
transport = tls
extensions.conf:
[general]
static = yes
WriteProtect = no
[default]
exten => 1001.1, Dial (SIP/1001, 30, tr)
exten => 1001.2, Hangup
exten => 1002.1, Dial (SIP/1002, 30, tr)
exten => 1002.2, Hangup
anyone know where's my mistake?
thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20130207/0cb232ff/attachment.htm>