Sorry, things got a bit behind. I was about to settle down and type something up, when I notice you mention SIP.
Sorry, I've not used that - I'm only familiar with the current pjsip implementation on 13.10. Which looks like this: [transport-tls] type=transport protocol=tls bind=0.0.0.0:5061 cert_file=/etc/letsencrypt/live/mysite.co.uk/fullchain.pem priv_key_file=/etc/letsencrypt/live/mysite.co.uk/privkey.pem method=tlsv1 But this won't be any good to you on sip. What version of Asterisk are you using? On 26 August 2016 at 11:36, hw <h...@gc-24.de> wrote: > Jonathan H schrieb: >> >> Well, what immediately stands out is: >> "FILE * open failed!" > > > Yes, and it doesn´t say which file cannot be opened. I even looked at > the source and found that at that point, you can´t simply add some > debugging output to find out. > >> Have you triple checked that the full filepath is correct and that the >> user that Asterisk is running as has full permissions to access your >> valid certificate file? > > > It says 'SSL certificate ok' when I 'reload sip'. When it can´t read one > of the files involved with the certificate, it says which one. > >> I have it working with microsip and a free TLS cert from LetsEncrypt. >> When I get to the PC with that on, I can write up what settings I've >> got if that helps? > > > I´m using a self signed certificate, but that shouldn´t behave any > differently than an externally sigend one as long as it checks out, > which it apparently does. > > So yes, it would be nice if you could send me the settings you´re using, > thanks :) > > > >> >> >> On 26 August 2016 at 10:47, hw <h...@gc-24.de> wrote: >>> >>> hw schrieb: >>>> >>>> >>>> >>>> Hi, >>>> >>>> I´m trying to get TLS to work with asterisk and client phones, >>>> and all I´m getting from asterisk is >>>> >>>> >>>> [Aug 23 11:46:42] WARNING[1170]: tcptls.c:673 handle_tcptls_connection: >>>> FILE * open failed! >>>> == Problem setting up ssl connection: >>>> error:00000000:lib(0):func(0):reason(0) >>>> [Aug 23 11:46:44] WARNING[1171]: tcptls.c:673 handle_tcptls_connection: >>>> FILE * open failed! >>>> >>>> >>>> when clients try to connect. No client is able to register using TLS. >>>> >>>> How can I use encrypted connections? >>>> >>> >>> Nobody having an idea? Nobody using encryption? >>> >>> >>> >>> -- >>> _____________________________________________________________________ >>> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >>> >>> Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016 >>> http://www.asterisk.org/community/astricon-user-conference >>> >>> New to Asterisk? Start here: >>> https://wiki.asterisk.org/wiki/display/AST/Getting+Started >>> >>> asterisk-users mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-users >> >> > > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016 > http://www.asterisk.org/community/astricon-user-conference > > New to Asterisk? Start here: > https://wiki.asterisk.org/wiki/display/AST/Getting+Started > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Join the Asterisk Community at the 13th AstriCon, September 27-29, 2016 http://www.asterisk.org/community/astricon-user-conference New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users