search for: cert_file

...lt;336109761> <SSL routines- ssl3_get_client_hello-no shared cipher> len: 0 peer: 10.10.20.29:43357 Something with the encryption must have changed with asterisk. How can I get the device to register again? [transport-tls] type = transport protocol = tls bind = 0.0.0.0:5061 tos = cs5 cert_file = /etc/asterisk/cert/asterisk.pem ca_list_file = /etc/pki/tls/certs/ca-bundle.crt method = sslv23 'method = tlsv1' doesn't work, either.

On Thursday, January 23, 2020 11:31:46 PM CET Sean Bright wrote: > On 1/21/2020 9:18 PM, hw wrote: > > [transport-tls] > > type = transport > > protocol = tls > > bind = 0.0.0.0:5061 > > tos = cs5 > > cert_file = /etc/asterisk/cert/asterisk.pem > > ca_list_file = /etc/pki/tls/certs/ca-bundle.crt > > method = sslv23 > > This is what mine looks like which works just fine: > > [transport-tls] > type = transport > protocol = tls > method = tlsv1_2 > c...

...runk. Hoping for a sanity check of my pjsip.conf file, and what could be causing this. A test call form Twilio?s system hits the PBX (over TLS), but always says ?No matching endpoint found? in the asterisk log. pjsip.conf [transport-tls] type = transport protocol = tls bind = 0.0.0.0:5061 cert_file=cert_file priv_key_file=key_file method=tlsv1 external_media_address=X.Y.Z.D external_signaling_address=X.Y.Z.D verify_client=no verify_server=no allow_reload=yes [twilio](!) type=endpoint transport=transport-tls context=from-twilio disallow=all allow=ulaw dtmf_mode=inband media_encryption=sdes rt...

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

...on qemu group but no reactions) Do I understand correctly that ssl shoudl be configured independently for libvirt and each hypervisor? I asked because I configured libvirt connection as qemu+tls://bambus.kjonca/system?pkipath=... (and on bambus in /etc/libvirt/libvirtd.conf) I set key_file = ... cert_file = ... ca_file = ... But after connect and lauching (on bambus) vm I tried to snif traffic to bambus:5900 on client) and wireshark was able to detect "VNC" protocol (BTW not spice?), so I am confused. should I configure in /etc/libvirt/qemu.conf spice_tls option and certificates ? K...

...used [code=120111] [Jul 8 11:09:46] WARNING[14733]: pjsip:0 <?>: tsx0x7f53a8008 Failed to send Request msg OPTIONS/cseq=31917 (tdta0x7f53c000dcb0)! err=120111 (Connection refused) someone has had good results with tls my config [transport-tls] type=transport protocol=tls bind=0.0.0.0:5061 cert_file=/etc/asterisk/keys/asterisk.crt priv_key_file=/etc/asterisk/keys/asterisk.key method=tlsv1 [XXXX] type=endpoint context=XX-Xip disallow=all allow=ulaw allow=alaw transport=transport-tls direct_media=no force_rport=yes rtp_symmetric=yes mailboxes=XXXX at default auth=XXXX aors=XXXX media_encryption...

...ion for private keys), adding a certificate together with a private key. 1) impossible to automate. 2) cause excessive typing of the password for users. Proposition: add ability to add a certificate to the ssh agent without re-reading private key. Proposed command line to ssh-add: - C public_key cert_file Add certificate to the agent based on public_key. '-' instead of cert_file indicating of use of stdin. -- You are receiving this mail because: You are watching the assignee of the bug.

Hey guys,tried to make tls work with pjsip on asterisk 13.2.0 have compiled pjsip with ssl, added transport [tls] type=transport cert_file=/pbx/keys/server.crt ca_list_file=/pbx/keys/ca.key priv_key_file=/pbx/keys/server.key protocol=tls bind=192.168.1.4:5061 local_net=192.168.1.0/24 external_media_address=77.77.77.77 external_signaling_address=77.77.77.77 have configured Grandstream GXP1400 to use tis and srtp, server.crt and serve...

On 1/21/2020 9:18 PM, hw wrote: > [transport-tls] > type = transport > protocol = tls > bind = 0.0.0.0:5061 > tos = cs5 > cert_file = /etc/asterisk/cert/asterisk.pem > ca_list_file = /etc/pki/tls/certs/ca-bundle.crt > method = sslv23 This is what mine looks like which works just fine: [transport-tls] type          = transport protocol      = tls method        = tlsv1_2 cipher        = ECDHE-ECDSA-AES256-GCM-SHA384,ECDH...

...hod = tlsv1_2 >> cipher = >> ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128 >> -GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA- >> AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256 >> cert_file = /etc/letsencrypt/live/specialdomain.com/fullchain.pem >> priv_key_file = /etc/letsencrypt/live/specialdomain.com/privkey.pem > Thanks, it still says > > > SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <336109761> <SSL routines- > ssl3_get_client_hello-no shared ci...

With libvirt 6.9.0, qemu 5.1.0, and following configurations: libvirt: key_file = "/etc/ssl/libvirt/server.lan.key" cert_file = "/etc/ssl/libvirt/server.lan.crt" ca_file = "/etc/ssl/libvirt/ca.crt" log_filters="3:remote 4:event 3:util.json 3:rpc 1:*" log_outputs="1:file:/var/log/libvirt/libvirtd.log" qemu: default_tls_x509_cert_dir = "/etc/ssl/qemu" default_tls_x509_verif...

...File "<string>", line 619, in get_tarball_info File "<string>", line 578, in get_https_resource_securely File "<string>", line 487, in __init__ File "/usr/lib64/python2.7/httplib.py", line 1182, in __init__ context.load_cert_chain(cert_file, key_file) ssl.SSLError: [SSL] PEM lib (_ssl.c:2757) googling for that doesn't turn up much help for Calibre, though similar (but different) sets of errors turn up in a lot of places. So far I've not found any of them helpful. One of them said something about the installed Python packages...

...-v2v: Failed to connect to esx://esxhost/: libvirt error code: 38, message: unable to connect to 'esxhost': Connection refused I have also tried suggestion on webpage above regarding these libvirtd.conf settings and restarted libvirtd: tls_no_verify_certificate = 1 key_file = "" cert_file = "" ca_file = "" crl_file = "" ... But no change. The problem may well be the TLS certificates, PKI isn't one of my strong points. I believe the hostnames in the certificates are correct. Which certificates (if any) should be copied to the ESXi host (client or s...

...n supported on CentOS6 is v1.48. The latest version is v2.47.0. On Tue, December 22, 2015 22:06, Fred Smith wrote: > Attempting to install latest Calibre on Centos-7, getting: . . . > File "/usr/lib64/python2.7/httplib.py", line 1182, in __init__ > context.load_cert_chain(cert_file, key_file) > ssl.SSLError: [SSL] PEM lib (_ssl.c:2757) > > > Can anybody advise me what this tells me? (other than SOMETHING wrong > with some certificate...) The error you are reporting may be due to some misconfiguration of the certificate chain in the Python libraries. Likely t...

...... endpoint/allow = !all,g722,alaw,ulaw endpoint/context = ingressEasybell endpoint/media_encryption = sdes registration/contact_user = extenHW In pjsip.conf is only the transport: [transport-tls] type=transport protocol=tls bind=192.168.3.50:5061 ca_list_file=/etc/pki/tls/certs/ca-bundle.crt cert_file=/etc/asterisk/cert/newc/mycert.pem priv_key_file=/etc/asterisk/cert/newc/mykey.pem After I finally found out that 'pjsip send register *all' should re-register, I tried it while it was still registered, and it said "Re-register all queue". After that, it kept saying that all...

...File "<string>", line 619, in get_tarball_info File "<string>", line 578, in get_https_resource_securely File "<string>", line 487, in __init__ File "/usr/lib64/python2.7/httplib.py", line 1182, in __init__ context.load_cert_chain(cert_file, key_file) ssl.SSLError: [SSL] PEM lib (_ssl.c:2757) Can anybody advise me what this tells me? (other than SOMETHING wrong with some certificate...) Thanks! -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- "For him who is able to keep you from falling...

...ock ??? virtstoraged-sock ??? virtstoraged-sock-ro ??? virtxend-admin-sock ??? virtxend-sock ??? virtxend-sock-ro On the server, TLS certs are in place openssl version OpenSSL 1.1.1g 21 Apr 2020 cat /etc/libvirt/libvirt.conf ca_file = "/sec/ssl/CA/CA.CHAIN.crt.pem" cert_file = "/sec/ssl/libvirt/client.EC.crt.pem" key_file = "/sec/ssl/libvirt/client.EC.key.pem" cat /etc/libvirt/virtproxyd.conf ca_file = "/sec/ssl/CA/CA.CHAIN.crt.pem" cert_file = "/sec/ssl/libvirt/server.EC.crt.pem" key_file = "/sec/ssl/libvirt/se...

...17:07:57.130212 IP 10.50.55.10.6214 > 10.128.30.239.51126: UDP, length 182 Current pjsip.conf file [transport-tls] type=transport protocol=tls bind=0.0.0.0:5061 local_net=10.50.55.0/24 external_media_address=<scrubbed public ip> external_signaling_address=<scrubbed public ip> cert_file=/etc/asterisk/keys/dev1.crt priv_key_file=/etc/asterisk/keys/dev1.key ca_list_file=/etc/asterisk/keys/ca.crt cipher=AES256-SHA method=tlsv1 ;===============EXTENSION 6001 [6000] type=endpoint context=internal disallow=all allow=ulaw auth=auth6000 aors=6000 direct_media=no rewrite_contact=yes ;...

Hello, On a newly re-installed Asterisk 16.7.0 on Debian Buster, I can't find a way to enable HTTPS. Asterisk is running as asterisk:asterisk: asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06 /usr/sbin/asterisk -g -f -p -U asterisk # cat /etc/asterisk/http.conf [general] servername=Asterisk enabled=yes bindaddr=0.0.0.0 bindport=8088 tlsenable=yes tlsbindaddr=0.0.0.0:8089

...bably missing something but I'm not able to find what and where. Is there someone able to point me to the right direction? Below is my configuration. The sofpthone is registered as 1060. Thanks in advance. Marco Signorini. pjsip.conf: [transport-tls] type=transport protocol=tls bind=0.0.0.0 cert_file=/etc/asterisk/sslcert.pem method=tlsv1 [1060] type=endpoint transport=transport-tls context=from-internal use_avpf=yes media_encryption=sdes disallow=all allow=alaw allow=ulaw aors=1060 auth=1060 [1060] type=auth auth_type=userpass password=1060 username=1060 [1060] type=aor max_contacts=10 [20...