Thank you Markos, finally was able to secure SIP session with TLS between server & client.
Thanks for you support! From: [email protected] [mailto:[email protected]] On Behalf Of Markos Vakondios Sent: Wednesday, May 04, 2016 10:11 AM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Asterisk 1.8 secure SIP session only Your CA cert is missing. Add in sip.conf: tlscafile=/etc/asterisk/keys/ca.crt You don't need: tlscapath=/etc/asterisk/keys On 4 May 2016 at 19:43, Motty Cruz <[email protected]> wrote: Hello, I am trying to secure SIP session with TLS on Asterisk Server 1.8. I keep getter an error, == Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca [2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed! I tried both signed and self-signed cert to no avail. Here is my Configuration: Sip.conf tlsenable=yes tlsbindaddr=0.0.0.0 tlscertfile=/etc/asterisk/keys/box1.pem tlscapath=/etc/asterisk/keys tlscipher=ALL tlsclientmethod=tlsv1 sip.conf ext. [5006] type=peer context=sipext call-limit=3 trustrpid=no callerid="Rec" <5006> disallow=all allow=ulaw allow=alaw username=5006 secret=9fcbb025200881850526bc57d59885c3 dtmfmode=rfc2833 host=dynamic mailbox=5006 nat=yes canreinvite=no transport=tls == Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca [2016-05-04 09:31:17] WARNING[30032]: tcptls.c:254 handle_tcptls_connection: FILE * open failed! Any ideas? -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
