Displaying 20 results from an estimated 34 matches for "tlsbindaddr".
Did you mean:
tcpbindaddr
2015 Mar 03
2
TLS, SRTP, Asterisk11 and Snom870s
On Tue, March 3, 2015 13:37, James Cloos wrote:
>>>>>> "JBB" == James B Byrne <byrnejb at harte-lyne.ca> writes:
>
> JBB> tcpenable=yes
> JBB> tlsenable=yes
> JBB> tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt
> JBB> tlscafile=/etc/pki/tls/certs/ca-bundle.crt
> JBB> tlsdontverifyserver=yes
> JBB>
2020 Jan 06
4
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>
...#39;t find a
way to enable HTTPS.
Asterisk is running as asterisk:asterisk:
asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06
/usr/sbin/asterisk -g -f -p -U asterisk
# cat /etc/asterisk/http.conf
[general]
servername=Asterisk
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/asterisk.pem
;tlsprivatekey=keys/asterisk.key
# ls -lR /etc/asterisk/keys
/etc/asterisk/keys:
total 32
-rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
-rw-rw-r-- 1 asterisk asterisk 586 janv. 6 15:59 asterisk.csr
-rw-rw-r-- 1 asterisk a...
2018 Dec 07
2
Question on WebRTC configuration
...RTC clients...
https://wiki.asterisk.org/wiki/display/AST/Configuring+Asterisk+for+WebRTC+Clients
"To communicate with websocket clients, Asterisk uses its built-in HTTP daemon. Configure /etc/asterisk/http.conf as follows:
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=<your_cert_file>
tlsprivatekey=<your_key_file>
tlscafile=<your_ca_cert_file>"
What is the tlscafile setting?
When I look at the http.conf samples it doesn't mention the tlscafile setting.
I see there is a tlscafile setting in sip.conf, but I don...
2016 May 04
2
Asterisk 1.8 secure SIP session only
...etting up ssl connection: error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection:
FILE * open failed!
I tried both signed and self-signed cert to no avail.
Here is my Configuration:
Sip.conf
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/box1.pem
tlscapath=/etc/asterisk/keys
tlscipher=ALL
tlsclientmethod=tlsv1
sip.conf ext.
[5006]
type=peer
context=sipext
call-limit=3
trustrpid=no
callerid="Rec" <5006>
disallow=all
allow=ulaw
allow=alaw
username=5006
secret=9...
2015 Mar 03
0
TLS, SRTP, Asterisk11 and Snom870s
...only, use transport=tls
it also accepts tcp, udp or a comma-separated list.
if given a list, it tries them in order
If you need ast to register over tls, use something like this:
register => tls://username:xxxxxx at sip-tls-proxy.example.org
(copied from the example sip.conf).
Set tlsbindaddr to the address to which to bind(2) the tls socket.
tlsbindaddr=0.0.0.0 is typical in ipv4-only configs.
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
2015 Jan 14
1
WSS Socket Configuration
Hi Alexey,
This is what works for me:
[http.conf]:
tlsenable=yes ; enable tls - default no.
tlsbindaddr=144.x.y.z:8089 ; address and port to bind to - default is
bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/mycert.pem ; path to the certificate
file (*.pem) only.
tlsprivatekey=/etc/asterisk/keys/mycert.pem ; path to private key file
(*.pem) only.
Date: Tue, 13 Jan 2015 10:02:08 +00...
2020 Jan 08
2
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem> [Almost SOLVED]
...97 0.3 6.7 741352 67984 ? Ssl 17:53 0:06
>> /usr/sbin/asterisk -g -f -p -U asterisk
>>
>> # cat /etc/asterisk/http.conf
>> [general]
>> servername=Asterisk
>> enabled=yes
>> bindaddr=0.0.0.0
>> bindport=8088
>> tlsenable=yes
>> tlsbindaddr=0.0.0.0:8089
>> tlscertfile=/etc/asterisk/keys/asterisk.pem
>> ;tlsprivatekey=keys/asterisk.key
>>
>> # ls -lR /etc/asterisk/keys
>> /etc/asterisk/keys:
>> total 32
>> -rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
>> -rw-rw-r-- 1 ast...
2016 Oct 26
2
Problem setting up ssl connection
...26 14:38:19] ERROR[2992]: tcptls.c:609 handle_tcptls_connection:
Problem setting up ssl connection: error:14094418:SSL
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
[Oct 26 14:38:19] WARNING[2992]: tcptls.c:684 handle_tcptls_connection:
FILE * open failed!
I have in sip.conf :
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlsdontverifyserver=yes
tlscipher=ALL
;tlsclientmethod=tlsv2
/etc/asterisk/keys :
-rw------- 1 root root 1,2K okt 26 14:25 asterisk.crt
-rw------- 1 root root 574 okt 26 14:24 asterisk.csr
-rw------- 1 root root 887 okt 26 14:24 asterisk.key...
2010 Feb 16
6
Asterisk listens on all NICs
Hello List.
I am puzzled and how asterisk listens to calls or connections from clients. When I do a netstat -nat I don't see asterisk listening on port 5060. Now, I'm testing a server with three network interfaces: two to the internet doing load balancing and the other to our LAN. I would like asterisk to only accept connections coming from our LAN but, can't find where to configure
2013 Mar 10
2
IPv6 and IPv4 binding address on a server with 2 network cards
...he IPv4 wildcard. Example:
bindaddr=0.0.0.0/
/; d) Listen on the IPv4 and IPv6 wildcards. Example: bindaddr=::/
/; (You can choose independently for UDP, TCP, and TLS, by
specifying different values for/
/; "udpbindaddr", "tcpbindaddr", and "tlsbindaddr".)/
/; (Note that using bindaddr=:: will show only a single IPv6 socket
in netstat./
/; IPv4 is supported at the same time using IPv4-mapped IPv6
addresses.)/
/;/
/; You may optionally add a port number. (The default is port 5060
for UDP and TCP, 5061/
/; for T...
2019 Nov 18
2
How to set http.conf for HTTPS support on Debian Buster ?
...-rw------- 1 root root 161 nov. 18 20:46 ca.cfg
-rw------- 1 root root 1781 nov. 18 20:46 ca.crt
-rw------- 1 root root 3311 nov. 18 20:46 ca.key
-rw------- 1 root root 124 nov. 18 20:46 tmp.cfg
# cat /etc/asterisk/http.conf
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/asterisk.pem
But, still I don't have any HTTPS server running:
# asterisk -rx "http show status"
HTTP Server Status:
Prefix:
Server: Asterisk/17.0.0
Server Enabled and Bound to 0.0.0.0:8088
Enabled URI's:
/httpstatus => Asterisk HT...
2020 Apr 17
0
[SOLVED]Re: TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem> [Almost SOLVED]
...17:53 0:06
>>> /usr/sbin/asterisk -g -f -p -U asterisk
>>>
>>> # cat /etc/asterisk/http.conf
>>> [general]
>>> servername=Asterisk
>>> enabled=yes
>>> bindaddr=0.0.0.0
>>> bindport=8088
>>> tlsenable=yes
>>> tlsbindaddr=0.0.0.0:8089
>>> tlscertfile=/etc/asterisk/keys/asterisk.pem
>>> ;tlsprivatekey=keys/asterisk.key
>>>
>>> # ls -lR /etc/asterisk/keys
>>> /etc/asterisk/keys:
>>> total 32
>>> -rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.c...
2011 Jun 07
1
tls/srtp: sip_xmit error: returned -2
...yond just this need, so I'm
using openssl commands directly and everything works elsewhere- so my CA
setup is fine (includes SAN).
My config for tls/srtp looks like this (remember, the rest works very
happily):
[global]
encryption = yes
tlsenable = yes
tlsbindaddr = 0.0.0.0
tlscertfile =
/path/to/asterisk/certificate/and/key/in/a/single/file
tlscafile = /path/to/CA/certificate
tlscipher = ALL
tlsclientmethod = tlsv1
[tls user]
transport = tls
Can so...
2015 Sep 15
3
Asterisk 13 WebRTC Status report
...e-reg](!)
type=aor
remove_existing=yes
max_contacts=1
;===============DEVICES
[webrtc1](endpoint-basic)
auth=webrtc1
aors=webrtc1
[webrtc1](auth-userpass)
password=secret
username=webrtc1
[webrtc1](aor-single-reg)
relevant part of http.conf
[general]
enabled=yes
bindaddr=0.0.0.0
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/pki/tls/certs/pbx.crt
tlsprivatekey=/etc/pki/tls/private/pbx.key
--
---------------------------------------
Marek Cervenka
=======================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium...
2015 Mar 18
0
TLS not working in 11.16
Kindly guide with debugging TLS issue in asterisk 11.16. Compiled from
source and works all ok !
Added the below to sip.conf
tlsenable=yes
tlsbindaddr=0.0.0.0:5061
However asterisk doesn't even listen to port 5061
sudo netstat -anp
Kindly guide
Thanks
Best,
Chirag A.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150318/f4668f63/attachment....
2020 Jan 06
0
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>
...sterisk:asterisk:
>
> asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06
> /usr/sbin/asterisk -g -f -p -U asterisk
>
> # cat /etc/asterisk/http.conf
> [general]
> servername=Asterisk
> enabled=yes
> bindaddr=0.0.0.0
> bindport=8088
> tlsenable=yes
> tlsbindaddr=0.0.0.0:8089
> tlscertfile=/etc/asterisk/keys/asterisk.pem
> ;tlsprivatekey=keys/asterisk.key
>
> # ls -lR /etc/asterisk/keys
> /etc/asterisk/keys:
> total 32
> -rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
> -rw-rw-r-- 1 asterisk asterisk 586 janv. 6 15:...
2011 Apr 01
0
Incoming SRTP call not working with Bria iPhone Edition
...== Using SIP RTP CoS mark 5
-- Executing [400 at local:1] Dial("SIP/500-00000004", "SIP/400,20") in
new stack
== Using SIP RTP CoS mark 5
-- Called 400
SSL certificate ok
-- Nobody picked up in 20000 ms
}}}
My config files are :
* sip.conf :
{{{
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1 ;none of the others seem to work with Blink as the
client
[400]
type=peer
secret=400 ;note that this is NOT a secure password
host=dynamic
context=local
dtmfmode=rfc2833
disa...
2014 Feb 16
0
SIP TLS question for asterisk 11
Hi All,
I'm on a middle of an asterisk installation/configuration for my company
and I'm testing the TLS configuration.
For this reason, I used the ast_tls_cert script to build the ssl
certificates for my server.
On sip.conf file:
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1
and on my extension number configuration:
transport=tls
Finally, my phone was registered successfully on my asterisk server.
But, during my tests and while I switched on sip...
2014 Aug 12
0
Asterisk 11.11 with TCP/TLS SRTP and Grandstream gxp1450 not working
...k
== Problem setting up ssl connection: error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
WARNING[7421]: tcptls.c:668 handle_tcptls_connection: FILE * open failed!
Encryption is configured via
;-------------------------Encryption-----
encryption=yes
tlsenable=yes
tlsbindaddr=::
tlscertfile=/var/lib/asterisk/keys/asterisk.pem
tlscafile=/var/lib/asterisk/keys/ca.crt
tlscipher=ALL
srtpcapable=yes
;tlsclientmethod=tlsv1
tlsdontverifyserver=yes
and the phone is sourced by
context=default ; Default context for incoming calls
allowoverlap=no
udpbindaddr=::...
2014 Aug 13
0
SRTP only from asterisk to extention possible
...ideas what could be wrong?
[general]
allowguest=no
alwaysauthreject=yes
nat=force_rport,comedia
sendrpid=rpid
trustrpid=yes
language=de
callevents=yes
qualify=yes
faxdetect=yes
t38pt_udptl=no
disallow=all
allow=ulaw
allow=alaw
;-------------------------Encryption-----
encryption=yes
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/var/lib/asterisk/keys/asterisk.pem
tlscafile=/var/lib/asterisk/keys/ca.crt
tlscipher=ALL
tlsclientmethod=tlsv1
tlsdontverifyserver=yes
;--------------------------Default----------------
context=default ; Default context for incoming calls
allowoverlap=no
udpbind...