Displaying 3 results from an estimated 3 matches for "tlscapath".
2016 May 04
2
Asterisk 1.8 secure SIP session only
...D_BYTES:tlsv1 alert unknown ca
[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection:
FILE * open failed!
I tried both signed and self-signed cert to no avail.
Here is my Configuration:
Sip.conf
tlsenable=yes
tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/keys/box1.pem
tlscapath=/etc/asterisk/keys
tlscipher=ALL
tlsclientmethod=tlsv1
sip.conf ext.
[5006]
type=peer
context=sipext
call-limit=3
trustrpid=no
callerid="Rec" <5006>
disallow=all
allow=ulaw
allow=alaw
username=5006
secret=9fcbb025200881850526bc57d59885c3
dtmfmode=rfc2833
host=dyna...
2019 Jul 06
4
unsolved: Re: solved: how to create a working certificate for using TLS?
...ting to asterisk
using encryption, so I suppose my own certificate is required.
> To be able to verify the certificate of the ISP, asterisk has to know the local CA database. For CentOS 7, this is /etc/pki/tls/certs/ca-bundle.crt.
How did you know I'm doing this on Centos? :)
Setting 'tlscapath' to /etc/pki or to /etc/pki/ca-trust/source/ didn't seem to
make a difference, so I figured that this might be figured out automatically
since 'openssl s_client ...' apparently does figure it out automatically.
There is much figuring involved for the wanting of clear documentation ....
2019 Jul 05
2
unsolved: Re: solved: how to create a working certificate for using TLS?
On 7/5/19 9:32 PM, John Runyon wrote:
> On Fri, 5 Jul 2019 at 14:28, hw <hw at gc-24.de <mailto:hw at gc-24.de>> wrote:
>
> I thought about that and checked the configuration I've been using to
> create the certificate, and I can't see anywhere that it would expire
> earlier than after 3650 days. Is there another way to check this?
>
>