similar to: PJSIP and Grandstream Wave with TSL and SRTP

On Thursday, January 23, 2020 11:31:46 PM CET Sean Bright wrote: > On 1/21/2020 9:18 PM, hw wrote: > > [transport-tls] > > type = transport > > protocol = tls > > bind = 0.0.0.0:5061 > > tos = cs5 > > cert_file = /etc/asterisk/cert/asterisk.pem > > ca_list_file = /etc/pki/tls/certs/ca-bundle.crt > > method = sslv23 > > This is what mine

On 1/23/2020 6:04 PM, hw wrote: >> This is what mine looks like which works just fine: >> >> [transport-tls] >> type = transport >> protocol = tls >> method = tlsv1_2 >> cipher = >> ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128 >>

On 1/21/2020 9:18 PM, hw wrote: > [transport-tls] > type = transport > protocol = tls > bind = 0.0.0.0:5061 > tos = cs5 > cert_file = /etc/asterisk/cert/asterisk.pem > ca_list_file = /etc/pki/tls/certs/ca-bundle.crt > method = sslv23 This is what mine looks like which works just fine: [transport-tls] type          = transport protocol      = tls method        = tlsv1_2

Hey guys,tried to make tls work with pjsip on asterisk 13.2.0 have compiled pjsip with ssl, added transport [tls] type=transport cert_file=/pbx/keys/server.crt ca_list_file=/pbx/keys/ca.key priv_key_file=/pbx/keys/server.key protocol=tls bind=192.168.1.4:5061 local_net=192.168.1.0/24 external_media_address=77.77.77.77 external_signaling_address=77.77.77.77 have configured Grandstream GXP1400

Thanks, Michael. A few questions: Is [transport_name] a reserved word, or am I supposed to replace it with a name of my own, like '[did-transport]'? Some of the keywords I haven't seen before. Is ca_list_file supposed to be an aggregate of the public and private key? And what are the 'method,' 'tos' and 'cos' keywords, which are commented out in your

Hello Steve, use the following configuration for the transport and bind this transport to the trunk: [transport_name] type=transport protocol=tls bind=192.168.13.24 ; your bind IP ca_list_file=/etc/pki/tls/certs/ca-bundle.crt ; method=tlsv1_2 verify_server=yes allow_reload=no ;tos=0xb8 ;cos=3 external_media_address=your.ext.host.name ; hostname pointing to your ext. IP

On Saturday, April 18, 2020 5:42:11 PM CEST Joshua C. Colp wrote: > On Sat, Apr 18, 2020 at 8:47 AM hw <hw at gc-24.de> wrote: > > Hi, > > > > how do I make a bug report? I filled in the form to make a report and > > https://issues.asterisk.org/jira/issues/?filter=-2 still shows no issues > > reported by me. > > If successful then JIRA will redirect

Thank you for the response Joshua . I had rtp_symmetric=yes before I wrote the email, then I set it to no, restart asterisk, and tried to make the call from the remote endpoint again but still tcpdump is showing me the RTP packets are being sent from Asterisk to the private IP. tcpdump on asterisk server showing UDP packet bound for my remote endpoints internal IP: 17:07:57.130212 IP

Hi, how do I make a bug report? I filled in the form to make a report and https://issues.asterisk.org/jira/issues/?filter=-2 still shows no issues reported by me. If someone knows how to get asterisk to re-register when using pjsip after the registration shows as Rejected, like after the internet connection to the VOIP provider goes away (and comes back), please let me know. This bug makes

I want to configure communication with my phone provider using TLS for all the obvious reasons. Since I'm behind a firewall, I'll be needing to do it with NAT. There are examples of UDP plus NAT in pjsip.conf, but none for TLS plus NAT. Would it be correct to set up the TLS transport stanza to look like the [transport-udp-nat] stanza example, replacing UDP with TLS in lines like

Greetings ! My goal is to get Twilio trunking working, and with TLS/SRTP. I see this concerning message in my log: [Feb 7 16:50:26] ERROR[20596] res_sorcery_config.c: Could not create an object of type 'endpoint' with id ?twilio' from configuration file ?pjsip.conf? Thus, ?pjsip show endpoints? does not show the endpoint for the Twilio trunk. Hoping for a sanity check of

Hi list , I'm doing some tests with asterisk 13.4 and tls, and failed to make it work, all my terminals spa Cisco 5XX look my cli [Jul 8 11:09:16] ERROR[14733]: pjsip:0 <?>: tlsc0x7f539801 TLS connect() error: Connection refused [code=120111] [Jul 8 11:09:16] WARNING[14733]: pjsip:0 <?>: tsx0x7f53a8008 Failed to send Request msg OPTIONS/cseq=48024 (tdta0x7f53c000dcb0)!

I am using fetchmail to collect mail from some secondary mail accounts, among which is hotmail. So far I have used hotwayd to fetch the mail from hotmail using httpmail. Hotmail now supports pop3 access, so I decided to change fetchnail to fetch the mail directly over pop3. This works, but whatever I try, I get an error message when I run fetchmail: Invalid SSL protocol 'SSLv23'

Hello, On a newly re-installed Asterisk 16.7.0 on Debian Buster, I can't find a way to enable HTTPS. Asterisk is running as asterisk:asterisk: asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06 /usr/sbin/asterisk -g -f -p -U asterisk # cat /etc/asterisk/http.conf [general] servername=Asterisk enabled=yes bindaddr=0.0.0.0 bindport=8088 tlsenable=yes tlsbindaddr=0.0.0.0:8089

> > Hello, I am new to this list, and I wanted to bring up an issue > that I have been struggling with. ( Now that I have subscribed to > the correct list!) > > I want to enable SSL for our mail server that runs Dovecot and > Exim. I have been told that if SSL is enabled then it can break > Eudora mail clients before 6.2 ish. > > So, I was wondering if

> On 24/09/2020 05:24 PGNet Dev <pgnet.dev at gmail.com> wrote: > > > I've installed > > grep PRETTY /etc/os-release > PRETTY_NAME="Fedora 32 (Server Edition)" > dovecot --version > 2.3.10.1 (a3d0e1171) > openssl version > OpenSSL 1.1.1g FIPS 21 Apr 2020 > > iiuc, Dovecot has apparently had support for setting TLS 1.3

Stuck with TLS transport, I have 2 phones (both in local network for tests) one connected with up second with tls when I calling TLS to UPD everything is fine, but when UDP calls TLS I getting an error ERROR[44230]: pjsip:0 <?>: tlsc0x7f143012 TLS connect() error: Connection refused [code=120111] pjsip log: -- Called PJSIP/601/sip:601 at 192.168.1.55:5075;transport=tls <---

I've installed grep PRETTY /etc/os-release PRETTY_NAME="Fedora 32 (Server Edition)" dovecot --version 2.3.10.1 (a3d0e1171) openssl version OpenSSL 1.1.1g FIPS 21 Apr 2020 iiuc, Dovecot has apparently had support for setting TLS 1.3 ciphersuites since v2.3.9, per this commit lib-ssl-iostream: Support TLSv1.3 ciphersuites

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

(Posted few days ago on qemu group but no reactions) Do I understand correctly that ssl shoudl be configured independently for libvirt and each hypervisor? I asked because I configured libvirt connection as qemu+tls://bambus.kjonca/system?pkipath=... (and on bambus in /etc/libvirt/libvirtd.conf) I set key_file = ... cert_file = ... ca_file = ... But after connect and lauching (on bambus) vm I