Asterisk TLS 5061 Not Listening

Home » Asterisk Users » Asterisk TLS 5061 Not Listening
Asterisk Users 1 Comment

I’m currently trying to setup an Asterisk Box with a Let’s Encrypt certificate.

I merged privatekey, cert and chain to one file:

cat /etc/letsencrypt/live/domain/privkey.pem >
/etc/asterisk/tls/a-keycert.pem cat /etc/letsencrypt/live/domain/fullchain.pem >>
/etc/asterisk/tls/a-keycert.pem

My sip.conf features the following entries:

tlsenable=yes tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/tls/a-keycert.pem tlscipher=ALL
tlsclientmethod=tlsv1

But somehow my Asterisk doesn’t even start to listen on the SIPS port
(5061):

Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name udp 0 0 0.0.0.0:5060 0.0.0.0:*

One thought on - Asterisk TLS 5061 Not Listening

  • This is not necessary. You could use tlscertfile and tlsprivatekey.

    From the ChangeLog (Asterisk 13):

    “Consequently please, specify ‘tlsclientmethod=tlsv1’ in your sip.conf only if you face a server which has problems like not falling back to TLSv1.0 automatically.”

    Are there any error messages or warnings? Which asterisk version is used?


    Stefan Tichy ( asterisk3 at pi4tel dot de )