How To Set Http.conf For HTTPS Support On Debian Buster ?
Hello,
I’ve installed a new Asterisk 17.0.0 on a Debian Buster system.
This Asterisk instance is run by asterisk user (and group). I’ve got:
# ls -l /etc/asterisk total 68
-rw-r–r– 1 asterisk asterisk 501 nov. 18 19:12 asterisk.conf
-rw-r–r– 1 asterisk asterisk 135 nov. 18 18:57 cdr.conf
-rw-r–r– 1 asterisk asterisk 684 nov. 18 18:57 cdr_custom.conf
-rw-r–r– 1 asterisk asterisk 103 nov. 18 18:57 confbridge.conf
-rw-r–r– 1 asterisk asterisk 6834 nov. 18 18:57 extensions.conf
-rw-r–r– 1 asterisk asterisk 138 nov. 18 21:42 http.conf
-rw-r–r– 1 asterisk asterisk 681 nov. 18 18:57 indications.conf drwxr-xr-x 2 root root 4096 nov. 18 20:47 keys
-rw-r–r– 1 asterisk asterisk 160 nov. 18 18:57 logger.conf
-rw-r–r– 1 asterisk asterisk 2769 nov. 18 18:57 modules.conf
-rw-r–r– 1 asterisk asterisk 50 nov. 18 18:57 musiconhold.conf
-rw-r–r– 1 asterisk asterisk 6360 nov. 18 18:57 pjsip.conf
-rw-r–r– 1 asterisk asterisk 790 nov. 18 18:57 pjsip_notify.conf
-rw-r–r– 1 asterisk asterisk 768 nov. 18 18:57 README
-rw-r–r– 1 asterisk asterisk 513 nov. 18 18:57 voicemail.conf
# ls -l /etc/asterisk/keys/
total 32
-rw——- 1 root root 1224 nov. 18 20:47 asterisk.crt
-rw——- 1 root root 578 nov. 18 20:46 asterisk.csr
-rw——- 1 root root 887 nov. 18 20:46 asterisk.key
-rw——- 1 root root 2111 nov. 18 20:47 asterisk.pem
-rw——- 1 root root 161 nov. 18 20:46 ca.cfg
-rw——- 1 root root 1781 nov. 18 20:46 ca.crt
-rw——- 1 root root 3311 nov. 18 20:46 ca.key
-rw——- 1 root root 124 nov. 18 20:46 tmp.cfg
# cat /etc/asterisk/http.conf
[general]
enabled=yes bindaddr=0.0.0.0
bindport
3 thoughts on - How To Set Http.conf For HTTPS Support On Debian Buster ?
I’d say that asterisk running as the asterisk user has no permission to see the .pem file as only root can see it.
Richard
Unfortunately, changing ownership did not solve the issue:
# ls -al keys/
total 40
drwxr-xr-x 2 asterisk asterisk 4096 nov. 18 20:47 . drwxr-x— 3 asterisk asterisk 4096 nov. 18 20:53 ..
-rw——- 1 asterisk asterisk 1224 nov. 18 20:47 asterisk.crt
-rw——- 1 asterisk asterisk 578 nov. 18 20:46 asterisk.csr
-rw——- 1 asterisk asterisk 887 nov. 18 20:46 asterisk.key
-rw——- 1 asterisk asterisk 2111 nov. 18 20:47 asterisk.pem
-rw——- 1 asterisk asterisk 161 nov. 18 20:46 ca.cfg
-rw——- 1 asterisk asterisk 1781 nov. 18 20:46 ca.crt
-rw——- 1 asterisk asterisk 3311 nov. 18 20:46 ca.key
-rw——- 1 asterisk asterisk 124 nov. 18 20:46 tmp.cfg
# service asterisk stop
# service asterisk start
# asterisk -rx “http show status”
HTTP Server Status:
Prefix:
Server: Asterisk/17.0.0
Server Enabled and Bound to 0.0.0.0:8088
Enabled URI’s:
/httpstatus => Asterisk HTTP General Status
/static/… => Asterisk HTTP Static Delivery
Enabled Redirects:
Le lun. 18 nov. 2019 à 22:08, Richard Mudgett a
écrit :
May I add my modules.conf conf (this modules.conf was generated by make basic-pbx) ?
Maybe a module is missing there ?
Shall I check something in menuselect ?
(Replacing its content with a simple “autoload = yes” does not change either)
# cat modules.conf
[modules]
autoload = no
; This is a minimal module load. We are loading only the modules required for
; the Asterisk features used in the Super Awesome Company configuration.
; Applications
load = app_bridgewait.so load = app_dial.so load = app_playback.so load = app_stack.sothis load = app_verbose.so load = app_voicemail.so load = app_directory.so load = app_confbridge.so
; Bridging
load = bridge_builtin_features.so load = bridge_builtin_interval_features.so load = bridge_holding.so load = bridge_native_rtp.so load = bridge_simple.so load = bridge_softmix.so
; Call Detail Records
load = cdr_custom.so
; Channel Drivers
load = chan_bridge_media.so load = chan_pjsip.so
; Codecs
load = codec_gsm.so load = codec_resample.so load = codec_ulaw.so load = codec_g722.so
; Formats
load = format_gsm.so load = format_pcm.so load = format_wav_gsm.so load = format_wav.so
; Functions
load = func_callerid.so load = func_cdr.so load = func_pjsip_endpoint.so load = func_sorcery.so load = func_devstate.so load = func_strings.so
; Core/PBX
load = pbx_config.so
; Resources
load = res_http_websocket.so load = res_musiconhold.so load = res_pjproject.so load = res_pjsip_acl.so load = res_pjsip_authenticator_digest.so load = res_pjsip_caller_id.so load = res_pjsip_dialog_info_body_generator.so load = res_pjsip_diversion.so load = res_pjsip_dtmf_info.so load = res_pjsip_endpoint_identifier_anonymous.so load = res_pjsip_endpoint_identifier_ip.so load = res_pjsip_endpoint_identifier_user.so load = res_pjsip_exten_state.so load = res_pjsip_header_funcs.so load = res_pjsip_logger.so load = res_pjsip_messaging.so load = res_pjsip_mwi_body_generator.so load = res_pjsip_mwi.so load = res_pjsip_nat.so load = res_pjsip_notify.so load = res_pjsip_one_touch_record_info.so load = res_pjsip_outbound_authenticator_digest.so load = res_pjsip_outbound_publish.so load = res_pjsip_outbound_registration.so load = res_pjsip_path.so load = res_pjsip_pidf_body_generator.so load = res_pjsip_pidf_digium_body_supplement.so load = res_pjsip_pidf_eyebeam_body_supplement.so load = res_pjsip_publish_asterisk.so load = res_pjsip_pubsub.so load = res_pjsip_refer.so load = res_pjsip_registrar.so load = res_pjsip_rfc3326.so load = res_pjsip_sdp_rtp.so load = res_pjsip_send_to_voicemail.so load = res_pjsip_session.so load = res_pjsip.so load = res_pjsip_t38.so load = res_pjsip_transport_websocket.so load = res_pjsip_xpidf_body_generator.so load = res_rtp_asterisk.so load = res_sorcery_astdb.so load = res_sorcery_config.so load = res_sorcery_memory.so load = res_sorcery_realtime.so load = res_timing_timerfd.so
; Don’t load res_hep.so and kin unless you are using hep monitoring in your network
noload = res_hep.so noload = res_hep_pjsip.so noload = res_hep_rtcp.so
Le lun. 18 nov. 2019 à 22:18, Olivier a écrit :