search for: tlscipher

...[2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed! I tried both signed and self-signed cert to no avail. Here is my Configuration: Sip.conf tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/box1.pem tlscapath=/etc/asterisk/keys tlscipher=ALL tlsclientmethod=tlsv1 sip.conf ext. [5006] type=peer context=sipext call-limit=3 trustrpid=no callerid="Rec" <5006> disallow=all allow=ulaw allow=alaw username=5006 secret=9fcbb025200881850526bc57d59885c3 dtmfmode=rfc2833 host=dynamic mailbox=5006 nat=yes ca...

...to work and if so could you provide the details? I have this in Asterisk sip.conf (loaded through FreePBXs sip_general_additional.conf). tcpenable=yes tlsenable=yes tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt tlscafile=/etc/pki/tls/certs/ca-bundle.crt tlsdontverifyserver=yes tlscipher=ALL tlsclientmethod=tlsv1 And I have this for the test device context: [41712] deny=0.0.0.0/0.0.0.0 secret=NearlyANastyThat dtmfmode=rfc2833 canreinvite=no context=from-internal host=dynamic trustrpid=yes sendrpid=no type=friend nat=no port=5060 qualify=yes qualifyfreq=60 transport=tls,udp,tcp av...

...connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca [Oct 26 14:38:19] WARNING[2992]: tcptls.c:684 handle_tcptls_connection: FILE * open failed! I have in sip.conf : tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlsdontverifyserver=yes tlscipher=ALL ;tlsclientmethod=tlsv2 /etc/asterisk/keys : -rw------- 1 root root 1,2K okt 26 14:25 asterisk.crt -rw------- 1 root root 574 okt 26 14:24 asterisk.csr -rw------- 1 root root 887 okt 26 14:24 asterisk.key -rw------- 1 root root 2,1K okt 26 14:25 asterisk.pem -rw------- 1 root root 160 okt 2...

...James B Byrne <byrnejb at harte-lyne.ca> writes: > > JBB> tcpenable=yes > JBB> tlsenable=yes > JBB> tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt > JBB> tlscafile=/etc/pki/tls/certs/ca-bundle.crt > JBB> tlsdontverifyserver=yes > JBB> tlscipher=ALL > JBB> tlsclientmethod=tlsv1 > > You are missing the tls key. > > The config name is tlsprivatekey; set that to the filename of your tls > key, akin to how tlscertfile is set. > > -JimC Thank you. The settings in sip_general_additional.conf are now: tcpenable=yes t...

...er, the rest works very happily): [global] encryption = yes tlsenable = yes tlsbindaddr = 0.0.0.0 tlscertfile = /path/to/asterisk/certificate/and/key/in/a/single/file tlscafile = /path/to/CA/certificate tlscipher = ALL tlsclientmethod = tlsv1 [tls user] transport = tls Can someone give me any clues to what is happening? I've checked my packet flow with tcpdump and wireshark as well, but I'm still left mystified. Cheers

...gt;>>> "JBB" == James B Byrne <byrnejb at harte-lyne.ca> writes: JBB> tcpenable=yes JBB> tlsenable=yes JBB> tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt JBB> tlscafile=/etc/pki/tls/certs/ca-bundle.crt JBB> tlsdontverifyserver=yes JBB> tlscipher=ALL JBB> tlsclientmethod=tlsv1 You are missing the tls key. The config name is tlsprivatekey; set that to the filename of your tls key, akin to how tlscertfile is set. -JimC -- James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6

..."SIP/400,20") in new stack == Using SIP RTP CoS mark 5 -- Called 400 SSL certificate ok -- Nobody picked up in 20000 ms }}} My config files are : * sip.conf : {{{ tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1 ;none of the others seem to work with Blink as the client [400] type=peer secret=400 ;note that this is NOT a secure password host=dynamic context=local dtmfmode=rfc2833 disallow=all allow=g722,gsm transport=tls encryption=yes context=local [500] type=peer secret=500 ;no...

...n/configuration for my company and I'm testing the TLS configuration. For this reason, I used the ast_tls_cert script to build the ssl certificates for my server. On sip.conf file: tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1 and on my extension number configuration: transport=tls Finally, my phone was registered successfully on my asterisk server. But, during my tests and while I switched on sip debug mode, I have seen that on Register I have TLS and on Subscribe I have UDP. Please check the...

...t handshake failure WARNING[7421]: tcptls.c:668 handle_tcptls_connection: FILE * open failed! Encryption is configured via ;-------------------------Encryption----- encryption=yes tlsenable=yes tlsbindaddr=:: tlscertfile=/var/lib/asterisk/keys/asterisk.pem tlscafile=/var/lib/asterisk/keys/ca.crt tlscipher=ALL srtpcapable=yes ;tlsclientmethod=tlsv1 tlsdontverifyserver=yes and the phone is sourced by context=default ; Default context for incoming calls allowoverlap=no udpbindaddr=:: tcpenable=yes tcpbindaddr=:: srvlookup=yes and [IPV6](!,my-codecs) dtmfmode=rfc2833 context=sip-out...

...pid trustrpid=yes language=de callevents=yes qualify=yes faxdetect=yes t38pt_udptl=no disallow=all allow=ulaw allow=alaw ;-------------------------Encryption----- encryption=yes tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/var/lib/asterisk/keys/asterisk.pem tlscafile=/var/lib/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1 tlsdontverifyserver=yes ;--------------------------Default---------------- context=default ; Default context for incoming calls allowoverlap=no udpbindaddr=0.0.0.0 tcpenable=yes tcpbindaddr=0.0.0.0 srvlookup=yes [my-codecs](!) ; a templa...

...failed! ************ config ********** my http.conf --------------------- tlsenable=yes tlsbindport=8089 tlsbindaddr=0.0.0.0 ;tlscertfile=/etc/asterisk/keys/asterisk.crt tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlsprivatekey=/etc/asterisk/keys/asterisk.key tlscipher=ALL tlsclientmethod=tlsv1 ;tlsverifyclient=no ;tlsdontverifyserver=yes -- Rgds astlov

...IP 'encrypted' sip.conf looks like this: [general] context=guest allowguest=no allowoverlap=no allowtransfer=no bindaddr=0.0.0.0:5060 udpbindaddr=0.0.0.0:5060 tcpenable=no tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1 transport=udp preferred_codec_only=no disallow=all allow=ulaw language=en trustrpid=no dtmfmode=rfc2833 videosupport=no alwaysauthreject=yes directmedia=no jbenable = yes jbforce = no [encrypted] type=friend secret=1234 context=internal callerid="Encrypted" &l...

...p.conf: [general] context = default udpbindaddr = 0.0.0.0 tcpenable = no tcpbindaddr = 0.0.0.0 allowguest = no allow = ulaw allow = alaw allow = gsm allow = g722 tlsenable = yes tlsbindaddr = 0.0.0.0 tlscertfile = / etc / asterisk / keys / asterisk.pem tlscafile = / etc / asterisk / keys / ca.crt tlscipher = ALL tlsclientmethod = TLSv1 [1001] context = default type = friend username = 1001 secret = 1000 dtmfmode = rfc2833 callerid = 1001 host = dynamic transport = tls [1002] context = default type = friend username = 1002 secret = 1002 dtmfmode = rfc2833 host = dynamic transport = tls extensions....

...> > I have this in Asterisk sip.conf (loaded through FreePBXs > sip_general_additional.conf). > > tcpenable=yes > tlsenable=yes > tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt > tlscafile=/etc/pki/tls/certs/ca-bundle.crt > tlsdontverifyserver=yes > tlscipher=ALL > tlsclientmethod=tlsv1 > > And I have this for the test device context: > > [41712] > deny=0.0.0.0/0.0.0.0 > secret=NearlyANastyThat > dtmfmode=rfc2833 > canreinvite=no > context=from-internal > host=dynamic > trustrpid=yes > sendrpid=no > type=friend...

...t; [Oct 26 14:38:19] WARNING[2992]: tcptls.c:684 > handle_tcptls_connection: FILE * open failed! > > I have in sip.conf : > > tlsenable=yes > tlsbindaddr=0.0.0.0 > > tlscertfile=/etc/asterisk/keys/asterisk.pem > tlsdontverifyserver=yes > tlscipher=ALL > ;tlsclientmethod=tlsv2 > > /etc/asterisk/keys : > > -rw------- 1 root root 1,2K okt 26 14:25 asterisk.crt > -rw------- 1 root root 574 okt 26 14:24 asterisk.csr > -rw------- 1 root root 887 okt 26 14:24 asterisk.key > -rw------- 1 root root 2,...

...this? Here's my relevant files. *;sip.conf:* [general] udpbindaddr=0.0.0.0:5060 realm=10.201.0.106 ;replace with your Asterisk server public IP address or host transport=udp,ws,wss tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1 [6000] host=dynamic secret=mysecret context=default type=friend icesupport=yes directmedia=no disallow=all allow=ulaw qualify=yes [6001] host=dynamic secret=mysecret context=default type=friend encryption=yes avpf=yes force_avp=yes icesupport=yes directmedia=no disallow=...

hello, i'm facing strange problem asterisk13.5 + chan_sip wss transport + SIPML5 1.5.230 person1 to person3 are behind different NATs audio devices double checked call from person1(chrome) to person2(chrome) works call from person1(chrome) to person 3(chrome) - no audio on both side (RTP flowing only in one direction) call from person2(chrome) to person 3(chrome) - no audio on both side

Am 23.06.2020 16:22, schrieb Marek Greško: > It seems your problems lie in something other. Most probably it is not > mtu problem. All my suspections are contradicted. If it is true you > have inter vlan voice quality problems, it is definitely something > different. Formerly I assumed you were trying only LTE vs LAN using > internet. I'm not sure what you mean with the last

...and x32 - undefined reference to symbol 'dlopen@@GLIBC_2.2' (Reported by Tzafrir Cohen) * ASTERISK-26566 - res_rtp_asterisk: RTT miscalculation in RTCP (Reported by Hector Royo Concepcion) * ASTERISK-26604 - chan_sip: sip reload doesn't apply changes to tlscertfile, tlsciphers, etc. (Reported by Michael Kuron) * ASTERISK-26603 - [patch] chan_pjsip: not switching sending codec to receiving codec when asymmetric_rtp_codec=no (Reported by Alexei Gradinari) * ASTERISK-26523 - chan_sip: Asterisk 13.12.1 disconnects incoming calls after 2 minutes - rtptime...

...and x32 - undefined reference to symbol 'dlopen@@GLIBC_2.2' (Reported by Tzafrir Cohen) * ASTERISK-26566 - res_rtp_asterisk: RTT miscalculation in RTCP (Reported by Hector Royo Concepcion) * ASTERISK-26604 - chan_sip: sip reload doesn't apply changes to tlscertfile, tlsciphers, etc. (Reported by Michael Kuron) * ASTERISK-26608 - Compile and link failures on OpenBSD (Reported by snuffy) Improvements made in this release: ----------------------------------- * ASTERISK-23828 - pjsip - Need a command to list active SIP subscriptions (Reported by Rusty Newton)...