similar to: Revoking a TLS certificat created with ast_tls_cert

Hi, I tried it the implementation of TLS in asterisk 1.8.4.3 on ubuntu 10.04. I follow the tutorial: https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial. and I use blink as a softphone in ny client in windows. for regular communication process (without TLS) smoothly, but when it just follow the tutorial, it is always error on his softphone: transport error. my configuration like

Hi List, I'm trying to set my Asterisk 1.8.20.1 with TLS on CentOS 5.9, it was easy and straightforward with Debian 6.0.6, but when I introduce this command on CentOS: #./ast_tls_cert -C 10.200.108.17 -O "MyCompany" -d /etc/asterisk/keys/ I got this error message: hostname: Unknown host Same result happens when using server's hostname: #./ast_tls_cert -C ast-centos -O

Hello, After countless hours on, this I found the root cause of HTTPS settings on Debian Buster. All this came from ast_tls_cert script using 1024 bits-long keys where Debian's defaut was to require at least 2048-long keys ! Simply passing -b 2048 to ast_tls_cert solved it. 1. May I suggest mentioning explicitly this possibility in wiki page [1] ? 2. What would you say of adding an extra

Hi there! What am I doing wrong? I created a ssh-certificate id_user_rsa-cert.pub with this dump: id_user_rsa-cert.pub: root at host # ssh-keygen -Lf id_user_rsa-cert.pub ??????? Type: ssh-rsa-cert-v01 at openssh.com user certificate ??????? Public key: RSA-CERT SHA256:kPitwgxblaUH4viBoFoozSPq9Pblubbedk ??????? Signing CA: ED25519 SHA256:8p2foobarQo3Tfcblubb5+I5cboeckvpnktiHdUs ??????? Key ID:

Hi Daminan! Hmmm... thought about a little... when i use -vvv with ssh-keygen -Qf i see "debug1:..." So i think, debug is compiled in. ssh-keygen --help gives me ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] file ... so... option -z is not the serial of the certificate, it is the version-number of the KRL-File... My openssh-Verision from Debian is

Hi, I have to connect 3 asterisk servers,each of them being TLS server for his clients and connected in both way in TLS with both others asterisk, each having hi own Common Name. Is this possible? I set up 2 asterik's , one server and the other client, this is OK. But I can't deal with certificats generated on both servers. I tried to put tlscertfile ans tlscafile in the peer

Hi All, I'm on a middle of an asterisk installation/configuration for my company and I'm testing the TLS configuration. For this reason, I used the ast_tls_cert script to build the ssl certificates for my server. On sip.conf file: tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/asterisk.pem tlscafile=/etc/asterisk/keys/ca.crt tlscipher=ALL tlsclientmethod=tlsv1 and on

Hi, I followed the TLS/SRTP tutorial on the wiki [0] using Asterisk 11.8.1 on CentOS 6.5 x86_64 and CSipSimple on a Nexus with Android 4.4.x local wifi. The phone seems to register but directly after that things fall apart (turning SELinux off made no difference): *CLI> -- Registered SIP 'encrypted' at 10.0.0.137:58079 > Saved useragent

Hi all, i have had sip TLS with an own signed certificate (using the ast_tls_cert script) running on asterisk-1.8.8 - i then have updated to 1.8.9.3 - and now i get the message "FILE * open failed!" I have already recreated the certificates with the script - but still no luck... Does anyone here know the source of the problem ? best regards, Wolfgang Pichler

Hello, Le lun. 6 janv. 2020 à 19:01, Olivier <oza.4h07 at gmail.com> a écrit : > May I add I could successfully (if pjsip show transports has any meaning) > add a PJSIP TLS-transport with: > > [transport-tls] > type=transport > protocol=tls > bind=0.0.0.0:5061 > cert_file=/etc/asterisk/keys/asterisk.crt > priv_key_file=/etc/asterisk/keys/asterisk.key >

Hi, next problem with outlook 2003 On the IMAP Server (dovecot.x86_64 1.0.7-7.el5) I created a certificate with "mkcert_dovecot.sh". Some entries as be written to "/etc/pki/dovecot/dovecot-openssl.cnf". plaintext paswords are disables. IMAP Serverport: 993 Server needs SSL Now the outlook 2003 clients meens "the server uses a security certificate, which could not be

https://bugzilla.mindrot.org/show_bug.cgi?id=3659 Bug ID: 3659 Summary: Certificates are ignored when listing revoked items in a (binary) revocation list Product: Portable OpenSSH Version: 9.2p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5

Hello, I install samba-ldap-pdc on a ubuntu. I join well the domain with root user, but when I restart, root or user login don't work. I can access to share via network with root or user login. when I try under winXP pro to change security of a file, I can't access to server user list : "bad user or passwd" I've no error in log.smbd or debug my smb.conf [global] smb ports

I am running Postfix and Dovecot on my mail server. I am required now to have SSL/TLS on my mail server. I did check and found out that I have a SSL certificate with Verisign issued to my mail servers FQDN. Now my question is when reading the Dovecot Wiki, I noticed it said that it is not common to use SSL but rather TLS on most mail servers. Even though SSL will work, which should I use on my

Hello, list, I have a problem with Sendmail configuration. I'm building (on CentOS 5) a "dual-MTA" setup with amavisd-new (as specified in amavisd-new documentation, file README.sendmail-dual). So far so good. But when I tried to add server SMTP-AUTH and TLS, I get a strange, permission-related error, and STARTTLS will not start. In my .mc conf, the Sendmail user is now the usual

Hello, When I try to revoke certificates from my puppet installation, I get the following error : /etc/puppet/ssl# puppetca --revoke all all notice: Revoked certificate with serial # Inventory of signed certificates err: Could not call revoke: Cannot convert into OpenSSL::BN And nothing gets deleted. I didn''t find any information about this error, and couldn''t correct it.

Goos morning all, I compiled Samba 3.0.14a with OpenLDAP 2.1.22-0 directory. I then enabled TLS between Samba and OpenLDAP. The following tests succeeded: s_server to s_client --> OK slapd to s_client --> OK slapd to OPenLDAP client commands (ldapsearch..) --> OK The problem is the following: when I start Samba (service smb start), slapd output returns: TLS trace:

Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 21:02:59 CEST): ? > > On connection setup from a client the director connects to the > > selected backend. But it seems (not checked in the source yet), > > that for SSL certificate verification the director doesn't know the > > original host name anymore. The certificate's CN gets compared to > > the IP

Hi, I using openldap 2.0.23 and samba 2.2.4 on a Redhat 7.2 Linux distrib. I've compiled with ldap support dans It works fine in clear mode. I've configured unix auth. in order to use ldap on TLS mode, and it works also. When I try to use TLS more (or SSL on 636), it doesn't work. LDAP doesn't seem to have an error (see logs below), but samba tells "Failed to issue the

Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 21:36:40 CEST): ? > > I see: > > > > a) pass the host *names* to the director too, for CN verification > > purpose > > > > May be in struct mail_host could be a field for the original > > hostname we used to obtain the adress(es)? > > Does the attached patch work? Compiles,