TLS/SSL Error Loading Cert File.

Home » Asterisk Users » TLS/SSL Error Loading Cert File.
Asterisk Users 3 Comments

Hello,

On a newly re-installed Asterisk 16.7.0 on Debian Buster, I can’t find a way to enable HTTPS. Asterisk is running as asterisk:asterisk:

asterisk 11097 0.3 6.7 741352 67984 ? Ssl 17:53 0:06
/usr/sbin/asterisk -g -f -p -U asterisk

# cat /etc/asterisk/http.conf
[general]
servername=Asterisk enabled=yes bindaddr=0.0.0.0
bindport

3 thoughts on - TLS/SSL Error Loading Cert File.

  • Have you tried pointing to the .crt file instead of the .pem file?

    Why is that commented out (and why is it a relative path)?

    Try reducing the permissions on the .crt and especially the .key files, so they’re not world-readable.

    Many applications will refuse to start if the certificate or key files are insecure.

    Antony.


    Salad is what food eats.

    Please reply to the list;
    please *don’t* CC me.

  • May I add I could successfully (if pjsip show transports has any meaning)
    add a PJSIP TLS-transport with:

    [transport-tls]
    type=transport protocol=tls bind=0.0.0.0:5061
    cert_file=/etc/asterisk/keys/asterisk.crt priv_key_file=/etc/asterisk/keys/asterisk.key method=tlsv1

    Le lun. 6 janv. 2020 à 18:33, Olivier a écrit :

  • So, that does indeed suggest that an absolute path + the .crt file instead of the .pem file might work…


    I can tell you I wish those people just would be quiet. It would be best for the world. That’s not going to happen, so we have to work in the right fashion with these security researchers.

    – Steve Ballmer, at Microsoft’s Worldwide Partner Conference in New Orleans, October 2003
    http://news.microsoft.com/speeches/steve-ballmer-speech-transcript-
    microsoft-worldwide-partner-conference-2003/

    Please reply to the list;
    please *don’t* CC me.