Asterisk TLS 5061 Not Listening
I’m currently trying to setup an Asterisk Box with a Let’s Encrypt certificate.
I merged privatekey, cert and chain to one file:
cat /etc/letsencrypt/live/domain/privkey.pem >
/etc/asterisk/tls/a-keycert.pem cat /etc/letsencrypt/live/domain/fullchain.pem >>
/etc/asterisk/tls/a-keycert.pem
My sip.conf features the following entries:
tlsenable=yes tlsbindaddr=0.0.0.0
tlscertfile=/etc/asterisk/tls/a-keycert.pem tlscipher=ALL
tlsclientmethod=tlsv1
But somehow my Asterisk doesn’t even start to listen on the SIPS port
(5061):
Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name udp 0 0 0.0.0.0:5060 0.0.0.0:*
–
One thought on - Asterisk TLS 5061 Not Listening
This is not necessary. You could use tlscertfile and tlsprivatekey.
From the ChangeLog (Asterisk 13):
“Consequently please, specify ‘tlsclientmethod=tlsv1’ in your sip.conf only if you face a server which has problems like not falling back to TLSv1.0 automatically.”
Are there any error messages or warnings? Which asterisk version is used?
—
Stefan Tichy ( asterisk3 at pi4tel dot de )
—