Displaying 13 results from an estimated 13 matches for "tlsprivatekey".
2020 Jan 07
1
Improve Wiki's "WebRTC config" page
...-w 1
/etc/asterisk/keys', could a 'ls -l /etc/asterisk/keys' be used ?
This would help to check file permissions.
If possible, having those file permissions shown when Asterisk is run as
asterisk:asterisk would be very helpful.
2. Instead of a generic
tlscertfile=<your_cert_file>
tlsprivatekey=<your_key_file>
could a specific writing be preferred
tlscertfile=/etc/asterisk/keys/asterisk.crt
tlsprivatekey=/etc/asterisk/keys/asterisk.key
This would be consistent with the "We'll use the asterisk.crt, asterisk.key
and ca.crt" text, a couple of lines above.
3. If I'm...
2020 Jan 06
4
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>
...risk:
asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06
/usr/sbin/asterisk -g -f -p -U asterisk
# cat /etc/asterisk/http.conf
[general]
servername=Asterisk
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/asterisk.pem
;tlsprivatekey=keys/asterisk.key
# ls -lR /etc/asterisk/keys
/etc/asterisk/keys:
total 32
-rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
-rw-rw-r-- 1 asterisk asterisk 586 janv. 6 15:59 asterisk.csr
-rw-rw-r-- 1 asterisk asterisk 887 janv. 6 15:59 asterisk.key
-rw-rw-r-- 1 asterisk asterisk...
2018 Dec 07
2
Question on WebRTC configuration
...onfiguring+Asterisk+for+WebRTC+Clients
"To communicate with websocket clients, Asterisk uses its built-in HTTP daemon. Configure /etc/asterisk/http.conf as follows:
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=<your_cert_file>
tlsprivatekey=<your_key_file>
tlscafile=<your_ca_cert_file>"
What is the tlscafile setting?
When I look at the http.conf samples it doesn't mention the tlscafile setting.
I see there is a tlscafile setting in sip.conf, but I don't find this anywhere else.
Is the wiki web page mistaken...
2015 Jan 14
1
WSS Socket Configuration
Hi Alexey,
This is what works for me:
[http.conf]:
tlsenable=yes ; enable tls - default no.
tlsbindaddr=144.x.y.z:8089 ; address and port to bind to - default is
bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/mycert.pem ; path to the certificate
file (*.pem) only.
tlsprivatekey=/etc/asterisk/keys/mycert.pem ; path to private key file
(*.pem) only.
Date: Tue, 13 Jan 2015 10:02:08 +0000
From: Alexej Starschenko <a.starschenko at sabienzia.com>
To: "asterisk-users at lists.digium.com" <asterisk-users at lists.digium.com>
Subject: [asterisk-users] WSS...
2020 Jan 08
2
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem> [Almost SOLVED]
...p -U asterisk
>>
>> # cat /etc/asterisk/http.conf
>> [general]
>> servername=Asterisk
>> enabled=yes
>> bindaddr=0.0.0.0
>> bindport=8088
>> tlsenable=yes
>> tlsbindaddr=0.0.0.0:8089
>> tlscertfile=/etc/asterisk/keys/asterisk.pem
>> ;tlsprivatekey=keys/asterisk.key
>>
>> # ls -lR /etc/asterisk/keys
>> /etc/asterisk/keys:
>> total 32
>> -rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
>> -rw-rw-r-- 1 asterisk asterisk 586 janv. 6 15:59 asterisk.csr
>> -rw-rw-r-- 1 asterisk asterisk 8...
2015 Mar 03
2
TLS, SRTP, Asterisk11 and Snom870s
...t; JBB> tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt
> JBB> tlscafile=/etc/pki/tls/certs/ca-bundle.crt
> JBB> tlsdontverifyserver=yes
> JBB> tlscipher=ALL
> JBB> tlsclientmethod=tlsv1
>
> You are missing the tls key.
>
> The config name is tlsprivatekey; set that to the filename of your tls
> key, akin to how tlscertfile is set.
>
> -JimC
Thank you. The settings in sip_general_additional.conf are now:
tcpenable=yes
tlsenable=yes
tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.pem
tlscafile=/etc/pki/tls/certs/ca-bundle.crt...
2015 Mar 03
6
TLS, SRTP, Asterisk11 and Snom870s
CentOS-6.5 (FreePBX-2.6)
Asterisk-11.14.2 (FreePBX)
snom870-SIP 8.7.3.25.5
I am having a very difficult time attempting to get TLS and SRTP
working with Asterisk and anything else. At the moment I am trying to
get TLS functioning with our Snom870 desk-sets. And I am not having
much luck.
Since this is an extraordinarily (to me) Byzantine environemnt I am
going to ask if any of you have gotten
2020 Apr 17
0
[SOLVED]Re: TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem> [Almost SOLVED]
...t /etc/asterisk/http.conf
>>> [general]
>>> servername=Asterisk
>>> enabled=yes
>>> bindaddr=0.0.0.0
>>> bindport=8088
>>> tlsenable=yes
>>> tlsbindaddr=0.0.0.0:8089
>>> tlscertfile=/etc/asterisk/keys/asterisk.pem
>>> ;tlsprivatekey=keys/asterisk.key
>>>
>>> # ls -lR /etc/asterisk/keys
>>> /etc/asterisk/keys:
>>> total 32
>>> -rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
>>> -rw-rw-r-- 1 asterisk asterisk 586 janv. 6 15:59 asterisk.csr
>>> -rw-r...
2015 Sep 15
3
Asterisk 13 WebRTC Status report
...========DEVICES
[webrtc1](endpoint-basic)
auth=webrtc1
aors=webrtc1
[webrtc1](auth-userpass)
password=secret
username=webrtc1
[webrtc1](aor-single-reg)
relevant part of http.conf
[general]
enabled=yes
bindaddr=0.0.0.0
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/pki/tls/certs/pbx.crt
tlsprivatekey=/etc/pki/tls/private/pbx.key
--
---------------------------------------
Marek Cervenka
=======================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150915/45021614/attach...
2015 Mar 03
0
TLS, SRTP, Asterisk11 and Snom870s
...> tcpenable=yes
JBB> tlsenable=yes
JBB> tlscertfile=/etc/pki/asterisk/ca.harte-lyne.hamilton.asterisk.crt
JBB> tlscafile=/etc/pki/tls/certs/ca-bundle.crt
JBB> tlsdontverifyserver=yes
JBB> tlscipher=ALL
JBB> tlsclientmethod=tlsv1
You are missing the tls key.
The config name is tlsprivatekey; set that to the filename of your tls
key, akin to how tlscertfile is set.
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
2020 Jan 06
0
TLS/SSL error loading cert file. </etc/asterisk/keys/asterisk.pem>
...17:53 0:06
> /usr/sbin/asterisk -g -f -p -U asterisk
>
> # cat /etc/asterisk/http.conf
> [general]
> servername=Asterisk
> enabled=yes
> bindaddr=0.0.0.0
> bindport=8088
> tlsenable=yes
> tlsbindaddr=0.0.0.0:8089
> tlscertfile=/etc/asterisk/keys/asterisk.pem
> ;tlsprivatekey=keys/asterisk.key
>
> # ls -lR /etc/asterisk/keys
> /etc/asterisk/keys:
> total 32
> -rw-rw-r-- 1 asterisk asterisk 1229 janv. 6 16:00 asterisk.crt
> -rw-rw-r-- 1 asterisk asterisk 586 janv. 6 15:59 asterisk.csr
> -rw-rw-r-- 1 asterisk asterisk 887 janv. 6 15:59 asterisk.k...
2013 Aug 12
0
Asterisk WebRTC Support : WSS connection setup fails with error:00000000
...06:50:10] WARNING[8037] tcptls.c: FILE * open failed!
************ config **********
my http.conf
---------------------
tlsenable=yes
tlsbindport=8089
tlsbindaddr=0.0.0.0
;tlscertfile=/etc/asterisk/keys/asterisk.crt
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlsprivatekey=/etc/asterisk/keys/asterisk.key
tlscipher=ALL
tlsclientmethod=tlsv1
;tlsverifyclient=no
;tlsdontverifyserver=yes
--
Rgds
astlov
2011 Mar 01
3
TLS/SRTP calls go to circuit busy.
...ALING ${CHANNEL(secure_signaling)} )
exten => 600,n,NOOp( SECURE media ${CHANNEL(secure_media)} )
exten => 600,n,Answer()
exten => 600,n,Playback(demo-echotest)
exten => 600,n,Echo()
exten => _X.,1,Dial(SIP/CM8/${EXTEN:0},30,rt)
[general]
tlsenable=yes
tlsbindaddr=172.16.200.60
;tlsprivatekey=/usr/local/ssl/misc/asteriskkey.pem
;tlscertfile=/usr/local/ssl/misc/asteriskcert.pem
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscipher=ALL
;tlscafile=/usr/local/ssl/misc/demoCA/cacert.pem
tlsclientmethod=tlsv1
[6001]
type=friend
secret=erasmus123
callerid=&...