SIP TLS Not Working, Asterisk 16.9.0
Hi,
I have problems with SIP via TLS. Asterisk works as a client. The TCP
connection is established, followed by a client hello from Asterisk to the server. The server sends Server Hello, Certificate, Server Key Exchange and Server Hello Done.
Than Asterisk sends back a Alert (Level: Fatal, Description Handshake Failure). The following line appears in the log:
ast_iostream_start_tls: Problem setting up ssl connection:
error:00000001:lib(0):func(0):reason(1), Internal SSL error
Asterisk version is 16.9.0, openssl is 1.1.1d-0+deb10u2 of debian Buster.
The configuration works with Asterisk 11.25 and openssl 1.0.1.
Any hints on how to find the error?
Best regards,
Karsten
—
2 thoughts on - SIP TLS Not Working, Asterisk 16.9.0
Hi Karsten,
Something in that packet seems to be unacceptable for openssl 1.1.1d as it is compiled and configured for Buster.
Certificate length, Digest algorithm, …
You my change the system default settings at the bottom of
“/etc/ssl/openssl.cnf”, restart asterisk and try again. Keep in mind that this will affect the whole server.
—
Stefan Tichy ( asterisk3 at pi4tel dot de )
—
Hi Stefan,
thanks a lot. It is working now.
Best regards,
Karsten
Am Freitag, den 01.05.2020, 18:40 +0200 schrieb Stefan Tichy:
—